The Ministry of Electronics and IT (MeitY) has issued a fresh letter to National Payments Corporation of India (NPCI) seeking details about the digital payment service of Facebook-owned platform WhatsApp that is due to be formally launched in India this month.
The government body which had earlier sought clarifications from the NPCI on WhatsApp Payment service issued a fresh letter this week asking details on data storage policy of US-based service and how data will be shared with its parent company.
MeitY, in particular, has raised objections over WhatsApp not complying with two-factor authentication laid by India’s Apex Bank RBI in addition to expressing concerns over the management of user’s data. A copy of the letter has also been sent to RBI.
Lack of a two-factor authentication on the WhatsApp payment service is a major concern as users do not have to enter a PIN to open the application for payments. This is the reason the government is actively probing into the matter. Talking of other UPI apps like Google’s Tez, users need to enter a PIN to access the app and also for making the final transaction.
According to sources, clarifications have been asked about the kind of data shared with Facebook especially after regulations disallow payment firms from sharing user data with third parties. One of the source reported ET,
NPCI has said that data is not to be shared with third parties. It also says that some data which is not of importance can be given, we are asking what that data is (sets which can be shared and which cannot be shared).
Meanwhile, WhatsApp has refused to comment on the matter stating that they are still ongoing testing for the payment feature launch.
According to a person familiar with WhatsApp policies, whenever a user tries to make payments on WhatsApp, the instructions are sent to its payment service provider with the help of Facebook’s secure payment gateway, however, the social media company does not use WhatsApp payment information for commercial purposes.