Yazılar

Rapido Addresses Security Vulnerability That Exposed User and Driver Data

/in /tarafından

Rapido, the popular ride-hailing platform, has reportedly resolved a security flaw that exposed sensitive user and driver information. According to a report, the flaw was tied to a feedback form, which unintentionally revealed personal data such as full names, email addresses, and phone numbers of individuals submitting feedback. This issue, discovered by a security researcher, raised significant concerns about the potential misuse of this information in scams or other malicious activities. Rapido has since acknowledged the problem and taken swift action to secure the portal, safeguarding the data of its users and drivers.

Security Researcher Uncovers Vulnerability

The flaw was uncovered by security researcher Renganathan P, who identified a vulnerable feedback website used by Rapido to collect responses from both users and drivers. According to TechCrunch, the problem stemmed from an application programming interface (API) that transmitted the collected feedback to a third-party service. This misconfigured API inadvertently exposed personal data, making it accessible to anyone who could identify the issue.

User and Driver Data at Risk

The exposed portal reportedly revealed crucial personal details, including the names, email addresses, and phone numbers provided by individuals using the feedback form. Such information could be exploited for phishing attacks, scams, or other fraudulent activities, amplifying the need for immediate remediation of the issue.

Rapido’s Response to the Breach

In response to the discovery, Rapido acted promptly to set the affected portal to private, effectively mitigating the vulnerability. The company has assured users and drivers that the issue has been resolved and steps have been taken to prevent similar incidents in the future. This case highlights the importance of rigorous security measures in safeguarding user data and maintaining trust in digital platforms.

India Delays UPI Market Share Cap, Benefiting Google Pay and PhonePe

/in /tarafından

India has decided to delay the implementation of market share caps for Unified Payments Interface (UPI) transactions by two years, a move that provides relief to leading digital payment apps Google Pay and Walmart-backed PhonePe. Originally set to take effect at the end of 2024, the new deadline for the market share caps is now December 2026, as announced by the National Payments Corporation of India (NPCI).

The market share cap proposal, first introduced in November 2020, aims to prevent any one digital payment firm from holding more than a 30% share of the transaction volume processed through UPI, which is a key payment platform in India. Currently, PhonePe and Google Pay dominate the UPI market, with PhonePe holding a 47.8% share and Google Pay at 37%, according to November 2024 data. Combined, the two companies processed 13.1 billion transactions in that month alone.

The decision to delay the cap is intended to foster continued growth of the UPI ecosystem while also giving smaller players more time to develop and expand their user bases. The delay has been welcomed by PhonePe and Google Pay, both of which are among the top UPI payment providers in India, alongside competitors such as Paytm, Navi, Cred, and Amazon Pay.

In addition to the market share cap delay, the NPCI has also lifted restrictions on WhatsApp Pay’s UPI product, allowing the messaging platform to onboard more users. This change is expected to further encourage competition in India’s rapidly growing digital payments market.

 

India’s Push for Home-Grown Satellite Constellation Attracts 30 Aspirants

/in /tarafından

India’s initiative to develop home-grown Earth observation (EO) satellite constellations has received a strong response, with 30 companies applying for a role in the project. This effort, managed by the Indian National Space Promotion and Authorisation Centre (IN-SPACe), is part of India’s strategy to reduce its dependence on foreign satellite data for critical sectors like defense, infrastructure management, and mapping.

Pawan Goenka, Chairman of IN-SPACe, announced that nine applications had been received, each representing a consortium of companies. These applicants include a mix of startups, such as Google-backed Pixxel and Baring Private Equity-backed SatSure, as well as larger entities like Tata Group’s Tata Advanced Systems. The project aims to establish satellite constellations that provide crucial data for various industries, including telecoms and climate monitoring. The satellite data market is expected to reach $45 billion by 2030, making it a significant global opportunity.

IN-SPACe issued a call for “expressions of interest” (EoI) in July to develop these homegrown satellite constellations. The initiative is part of India’s broader strategy to commercialize its space sector and ensure data sovereignty. The space regulator set eligibility criteria for the applicants, requiring them to invest at least 850 million rupees ($10 million) in space activities, have a company valuation of 8.5 billion rupees, or a turnover of 2 billion rupees in the last three years. Applicants must also establish spacecraft control centers in India or partner with ground station providers.

The evaluation of technical proposals is expected to be completed by the end of January, with a tender to determine the winning bidder to follow shortly thereafter. The government plans to provide a loan of up to 3.5 billion rupees to the winning company, with private entities expected to cover the rest of the costs. Additionally, India has set up a 10-billion-rupee venture fund to support space startups since the sector was opened to private players in February.

Although India currently relies on foreign EO data from entities like the European Space Agency (ESA) and the Indian Space Research Organisation (ISRO), the country is now focused on expanding its space capabilities and reducing its dependence on external sources.