Govt Audit Reveals Security Vulnerabilities In NPCI Infrastructure

A government audit revealed several ‘critical’ and ‘high’ risk security vulnerabilities in India’s flagship payments processor, the National Payments Corporation of India (NPCI), according to an internal government document accessed by Reuters. 

The audit, which happened over a period of four months leading up to February 2019, revealed a lack of encryption for personal data with the NPCI, which operates the Unified Payments Interface (UPI), forming the crux of the country’s digital payments infrastructure. 

The government document from March 2019 notes that information such as 16-digit card numbers, customer’s names, account numbers and other such information was stored in plain text, leaving the data unprotected in the event of a system breach.

2 views0 comments