Home >Companies >News >Truecaller decides to shut down UPI services in India

Caller ID application Truecaller has suspended its services on the Unified Payments Interface (UPI) to focus on core offerings such as communication and safety, a company spokesperson said.

The spam-blocking app has operated the payments service under Truecaller Pay for the last four years. However, while it will not add new UPI users, the company could integrate Truecaller Pay with other UPI partners on its app, but the final call is yet to be taken.

“We have identified other opportunities where we believe we are uniquely positioned to serve the community. The potential impact of such investment would be significantly higher compared to that of payments where many companies are already contributing. To summarize, this is a strategic decision to deprioritize payments, and focus on products and solutions that can help create significantly more impact in areas like communication, trust and safety," the spokesperson told Mint.

At its peak in mid-2020, Truecaller Pay had close to 20 million registered UPI users, and offered services like bill payments through its banking partners ICICI Bank and Bank of Baroda.

Truecaller said the discontinuation of the UPI service will not have any impact on its lending operations, and the platform will continue to distribute credit through partnerships with its partner non-banking financial companies.

At present, Truecaller has over 200 million monthly active users in India, with around 1.2 million premium customers. The company claimed that it notified the users of its decision two weeks ago. “As per guidance from regulators, we gave two weeks’ notice to users," the spokesperson said.

In March, Truecaller launched a personal safety app called Guardians, which allowed Indian users to share their location with family, friends and authorities on their phone contact list. On pressing the emergency button on the app, guardian contacts, added by the user were alerted about the user’s exact location.

According to Anand Prakash, a cybersecurity researcher and chief executive of PingSafe AI, Guardians had a major bug at the ‘Log in with Truecaller API’ level, allowing attackers to log into the victim’s Guardians account by just using the phone number. “Once the attacker has successfully logged in, they can track all your family members’ locations. The application also leaked the victim’s account details such as date of birth, profile picture and emergency contact details. It allowed an attacker to add more family members to the account once the account was taken over. Truecaller was quick to fix the vulnerability within a few hours," read the PingSafe AI blog.

Truecaller assured that the issue was fixed. “In this case, the issue pointed out by Anand was due to a development configuration being rolled out by mistake during the launch phase. Our engineers were already rolling out a fix at the time of his submission to ensure user safety. We routinely conduct extensive testing to make sure our users are safe and their data secured, however, we would also like to thank Anand for reaching out proactively," said the company spokesperson.

Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.

Never miss a story! Stay connected and informed with Mint. Download our App Now!!

Edit Profile
My ReadsRedeem a Gift CardLogout