Aligning with parent Facebook’s distress over the abuse of users’ data by several apps developers is the latest disclosure by WhatsApp which has confirmed sharing users’ data with Facebook and third-party providers.
This data is mostly concerned with the recently introduced payments feature in WhatsApp which is based on Unified Payments Interface (UPI). The feature is currently available in beta and is expected to roll out to other users in the coming months.
As per WhatsApp’s payments privacy policy, the company shares among other things your number, device identifiers, sender’s UPI PIN, transaction amount, and VPAs – or virtual payments addresses, which are used to facilitate UPI – with their payment service providers.
WhatsApp also says data is shared with third-parties to “maintain transaction history, provide customer support, and keep services safe and secure“. The data sharing is also done to fend off any kind of data abuse or fraud, claims WhatsApp.
WhatsApp Payments has repeatedly been criticized by the CEO of one of the biggest competing service, Paytm. The Paytm chief had earlier claimed that WhatsApp Payments violates UPI guideline and recently shared his discomfort about Facebook’s engagement with Cambridge Analytica and its recklessness in dealing with the crisis, something that even Facebook CEO has admitted to in his testimony against the Congress. Sharma’s concerns were also echoed by Shubho Ray, President of IAMAI (Internet and Mobile Association of India), who warned about payment services like WhatsApp’s exploiting the “personal financial data” of users.
WhatsApp’s declaration comes after National Payments Corporation of India (NPCI), which governs UPI payments, asked banks to check the data held and shared by payment services using UPI. It prescribed that apps must receive a permission from NPCI as well as from banks before sharing an individual’s UPI payments data with other parties including parent companies, subsidiaries, or other sister companies.
In comparison, the payments privacy policies of Paytm and Flipkart’s PhonePe also disclose that these firms might share data with parent companies.
