National Payments Corporation of India (NPCI) said that there has been no data compromise pertaining to the BHIM App and has requested everyone not to fall prey to such incorrect information.
NPCI has conducted an independent verification of the recent news, including through a leading Digital Risk Monitoring firm who has reconfirmed that the claims against the BHIM App are untrue. There is no data leak with respect to the BHIM app.
CSC e-Governance Services India Ltd was working in 2018 on a project to educate and activate village level entrepreneurs on digital payments and also educating them to create Merchant Virtual Payment Address (VPA). Most of these VPAs were not valid UPI IDs.
Moreover, UPI ID is a virtual ID/token that is meant to be shared conveniently, instead of real account details. The UPI ID can be used to receive money. The user can simply share his UPI ID with the payer and receive payment directly in his bank account. This is a standard feature used by merchants, who only need to receive money using UPI.
Based on the findings from the Digital Risk Monitoring firm, it is ascertained that there is not a single instance of data breach compromising financial details of the customers.
NPCI follows high level of security and an integrated approach to protect its infrastructure and continue to provide a robust payments ecosystem.