WhatsApp has updated its privacy policies with regards to safety of user data and is looking to offer interoperable payment transactions from other BHIM-UPI applications to address multiple controversies around its payments service and allay fears over data safety.
In a statement to ET, a spokesperson of the California-based instant messaging app confirmed that it uses parent Facebook’s infrastructure for offering payments in India, but ensures that the data stored is encrypted and is not used for commercial purposes.
“We have permission from NPCI (National Payments Corporation of India) and our bank partners to use Facebook as a service provider,” the spokesperson said. “WhatsApp is using Facebook payment infrastructure to enable the payments feature. Facebook does not use WhatsApp payment information for commercial purposes, it simply helps pass the necessary payment information to the PSPs.”
WhatsApp is working with ICICI Bank to offer mobile payments through Unified Payments Interface (UPI) system developed by NPCI to facilitate interbank transactions in India. It is also in the process of partnering with Axis Bank, HDFC Bank and State Bank of India for payments.
With Facebook being embroiled in user privacy and data safety scandal, WhatsApp, a part of the Facebook family, having access to payments in India had become a cause of concern. Even the ministry of electronics and IT, which manages all the digital initiatives of the government, is said to have written a letter to NPCI regarding this matter.
Allaying such fears, WhatsApp said the data that flows through its systems during a transaction include the likes of user name, payment address, receiver and senders’ account status, balance sufficiency and others. Few of this data is retained for future reference and all transaction information is stored in an encrypted format, it said. With respect to the user’s debit card details, UPI pin, card expiration date, these are taken by WhatsApp at the time of onboarding for customers who do not have any prior UPI registration, but these are not retained, it said.
Bankers in the know of the matter said WhatsApp as a third-party service provider gets only limited access to the financial data of the user. It will be able to track customer payment behaviour and might be using it for their own marketing offerings.
WhatsApp, which is thought to have more than 250 million active users in India, is currently operating a test function of its payment offering with ICICI Bank. They have been permitted by NPCI to run the beta testing of their payments product till they reach 1 million customers.
WhatsApp spokesperson did not confirm the date when its payments offering will be available for all its customers in the country. It would not also provide the exact timeline within which other partner banks will go live on WhatsApp Payments.
With respect to storage of payments data within India that has been mandated by the Reserve Bank of India, WhatsApp said its partner ICICI Bank will be in a better position to address such concerns since they are the regulated entity. ET had previously reported that WhatsApp’s payments offering is getting delayed due to privacy concerns raised by various stakeholders post the Cambridge Analytica incident with Facebook.