How Secure Are Payments Made Through Messaging Platforms

Now you can send and receive payments through messaging platforms, but is it safe? We explain. 

4 min read

Many popular instant messaging platforms are getting into digital payments, while some digital payment platforms are getting into instant messaging. Instant messaging and instant payments platforms seem to compliment each other. However, one question remains – are such payments secure?

The latest to enter the fray is WhatsApp (owned by Facebook). It now allows users to send or receive money from within the app itself. It works using the UPI (Unified Payments Interface) that was set up by the National Payments Corporation of India. Not just WhatsApp, but even apps such as PhonePe, Truecaller and Hike Messenger all use UPI to send or receive money within the app.

To figure out how secure payments through messaging platforms are, one has to first understand how UPI works.


How Does UPI Work?

When one wants to transfer money to somebody online, the choices have so far been limited. You have either used one of the wallet apps (such as PayTM, Mobikwik or Oxigen) or you asked the receiver for his/her bank account details, complete with IFSC code, added them as a payee (which could take a few hours), and then completed the transaction.

However, UPI is like an email address that is directly linked to your bank account (xxxxx@bankname). This unique identity is linked to the phone number registered with your bank. All that UPI requires is the receiver’s UPI identity or phone number. Completing a transaction simply requires the user to authenticate the transaction using a PIN number (not a one time password, as is the case with wallets or online card transactions). This makes it faster.

Also read: WhatsApp Payment Live in India For Some Users; Here’s How it Works

Now you can send and receive payments through messaging platforms, but is it safe? We explain. 
Add UPI payment option for direct transfer on Android phones. 
(Photo: The Quint)

How Secure is UPI?

Using the United Payments Interface works out to be more secure than other platforms, because the sender and receiver do not need to share their bank account details. The only thing the sender or the receiver sees is the other person’s UPI ID or their phone number, as the case may be.

To send money, the sender also has to enter their UPI PIN (set up at the time of creating a UPI ID with your bank account). This authenticates the transaction and serves as the second factor in authorising the transaction (two-factor authorisation compliant).

Also read: Paytm vs Google Tez vs BHIM: The Best Digital Payment App Is...


How Do Messaging Systems Use UPI?

WhatsApp, Hike, Truecaller, and even PayTM have begun to use the UPI system. There are other exclusive payment platforms that use the UPI interface, like the government’s BHIM and Google’s Tez.

All these apps just link to your phone number and the associated bank account related to your UPI ID. To use any of these payment methods, you first have to set up a UPI account with your bank.

Read: United Payment Interface - How Will It Make Life Simpler For You

All these messaging apps have a separate tab (or in WhatsApp’s case, a button) that allows you to send or receive money. The moment you use this, it will search for the associated UPI ID – with the phone number – and once verified, the transaction can be completed using the UPI PIN number.

Now you can send and receive payments through messaging platforms, but is it safe? We explain. 
This is how you pay on WhatsApp via UPI. 
(Photo Courtesy: WhatsApp screengrab)

Can These Apps Login To My Bank Account?

No, none of these messaging apps can login or see the details of your bank account. They can only read the phone number and UPI ID associated with the bank account. However, a user also has to enter their UPI PIN number each time a transaction is carried out.

This is where it helps to transact only through recognised apps and platforms – those that are verified by Google or Apple – as malicious apps could record keystrokes (and hence your PIN number). Apps such as WhatsApp, PayTM, BHIM, Tez, Hike and Truecaller are safe.


Is Payment Through Messaging Easier Than e-Wallets?

Whether you are using a messaging platform to transfer money or an e-wallet, it’s all about the ecosystem. For example, a PayTM user can transfer money to another PayTM wallet user directly with just a couple of clicks. Similarly, one WhatsApp user can send money to another WhatsApp user in the course of a conversation, within WhatsApp itself. However, you can’t exactly send money from WhatsApp to PayTM or vice versa. It is limited to the ecosystem.

However, given the size of WhatsApp in terms of users, it clearly has an advantage (200 million active users in India) over PayTM (180 million wallet users), but the latter is a diversified platform. PayTM also includes messaging besides e-commerce, ticketing and other features in its app, making it a larger ecosystem.

Now you can send and receive payments through messaging platforms, but is it safe? We explain. 
India is the largest market for WhatsApp with over 200 million monthly active users as of February 2017. 
(Photo: The Quint)

(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

Speaking truth to power requires allies like you.
Become a Member
Read More