Truecaller 'glitch' signs up users to its payment platform without consent

On Tuesday, the caller identification application Truecaller was caught signing its Indian users up to its payment platform Truecaller Pay, without their consent. Twitter users first started reporting that the application was signing them up for Unified Payment Interface (UPI) IDs. Truecaller Pay utilises the UPI interface, the same as Paytm or other international organisations running payment services.

Truecaller released a statement, “We have discovered a bug in the latest update of Truecaller that affected the payments feature, which automatically triggered a registration post updating to the version. This was a bug and we have discontinued this version of the app so no other users will be affected. We're sorry about this version not passing our quality standards. We've taken quick steps to fix the issue, and already rolled out a fix in a new version. For the users already affected, the new version with the fix will be available shortly, however, in the meanwhile they can choose to manually deregister through the overflow menu in the app.”

"The bug only affected a small fraction of Truecaller's Android users in India. The rollout of the update was halted immediately after users reported the issue. Any users who have been registered for UPI services will automatically be deregistered at the back end. An updated version with the fix will be rolled out to all users soon."

Dilip Asbe, CEO of National Payments Corporation of India (NPCI), said, “there was an issue in the app observed today. We have been updated that last night’s migration had resulted in a bug in the workflow. We understand that it has being fixed and till then user on-boarding has been stopped in this app. NPCI ensures to take action if found non-compliant.”