How Secure Are Payments Made Through Messaging Platforms

Now you can send and receive payments through messaging platforms, but is it safe? We explain. 

Published
Explainers
4 min read
Now you can make digital payments directly from messaging apps. 
i
Snapshot

Many popular instant messaging platforms are getting into digital payments, while some digital payment platforms are getting into instant messaging. Instant messaging and instant payments platforms seem to compliment each other. However, one question remains – are such payments secure?

The latest to enter the fray is WhatsApp (owned by Facebook). It now allows users to send or receive money from within the app itself. It works using the UPI (Unified Payments Interface) that was set up by the National Payments Corporation of India. Not just WhatsApp, but even apps such as PhonePe, Truecaller and Hike Messenger all use UPI to send or receive money within the app.

To figure out how secure payments through messaging platforms are, one has to first understand how UPI works.

How Does UPI Work?

When one wants to transfer money to somebody online, the choices have so far been limited. You have either used one of the wallet apps (such as PayTM, Mobikwik or Oxigen) or you asked the receiver for his/her bank account details, complete with IFSC code, added them as a payee (which could take a few hours), and then completed the transaction.

However, UPI is like an email address that is directly linked to your bank account (xxxxx@bankname). This unique identity is linked to the phone number registered with your bank. All that UPI requires is the receiver’s UPI identity or phone number. Completing a transaction simply requires the user to authenticate the transaction using a PIN number (not a one time password, as is the case with wallets or online card transactions). This makes it faster.

Also read: WhatsApp Payment Live in India For Some Users; Here’s How it Works

Add UPI payment option for direct transfer on Android phones. 
Add UPI payment option for direct transfer on Android phones. 
(Photo: The Quint)

How Secure is UPI?

Using the United Payments Interface works out to be more secure than other platforms, because the sender and receiver do not need to share their bank account details. The only thing the sender or the receiver sees is the other person’s UPI ID or their phone number, as the case may be.

To send money, the sender also has to enter their UPI PIN (set up at the time of creating a UPI ID with your bank account). This authenticates the transaction and serves as the second factor in authorising the transaction (two-factor authorisation compliant).

Also read: Paytm vs Google Tez vs BHIM: The Best Digital Payment App Is...

How Do Messaging Systems Use UPI?

WhatsApp, Hike, Truecaller, and even PayTM have begun to use the UPI system. There are other exclusive payment platforms that use the UPI interface, like the government’s BHIM and Google’s Tez.

All these apps just link to your phone number and the associated bank account related to your UPI ID. To use any of these payment methods, you first have to set up a UPI account with your bank.

Read: United Payment Interface - How Will It Make Life Simpler For You

All these messaging apps have a separate tab (or in WhatsApp’s case, a button) that allows you to send or receive money. The moment you use this, it will search for the associated UPI ID – with the phone number – and once verified, the transaction can be completed using the UPI PIN number.

This is how you pay on WhatsApp via UPI. 
This is how you pay on WhatsApp via UPI. 
(Photo Courtesy: WhatsApp screengrab)

Can These Apps Login To My Bank Account?

No, none of these messaging apps can login or see the details of your bank account. They can only read the phone number and UPI ID associated with the bank account. However, a user also has to enter their UPI PIN number each time a transaction is carried out.

This is where it helps to transact only through recognised apps and platforms – those that are verified by Google or Apple – as malicious apps could record keystrokes (and hence your PIN number). Apps such as WhatsApp, PayTM, BHIM, Tez, Hike and Truecaller are safe.

Is Payment Through Messaging Easier Than e-Wallets?

Whether you are using a messaging platform to transfer money or an e-wallet, it’s all about the ecosystem. For example, a PayTM user can transfer money to another PayTM wallet user directly with just a couple of clicks. Similarly, one WhatsApp user can send money to another WhatsApp user in the course of a conversation, within WhatsApp itself. However, you can’t exactly send money from WhatsApp to PayTM or vice versa. It is limited to the ecosystem.

However, given the size of WhatsApp in terms of users, it clearly has an advantage (200 million active users in India) over PayTM (180 million wallet users), but the latter is a diversified platform. PayTM also includes messaging besides e-commerce, ticketing and other features in its app, making it a larger ecosystem.

India is the largest market for WhatsApp with over 200 million monthly active users as of February 2017. 
India is the largest market for WhatsApp with over 200 million monthly active users as of February 2017. 
(Photo: The Quint)
Stay Updated

Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.

Join over 120,000 subscribers!