According to WhatsApp Pay’s payment policy, the payment app shares user information with third parties such as Facebook.
While Facebook CEO Mark Zuckerberg prepares to testify in front of the US Congress because of the Cambridge Analytica scandal regarding misuse of user data, Whatsapp Pay’s declaration in its payment policy about sharing user information with Facebook is causing waves of concern.
Here’s what you need to know about Facebook’s latest data breach
WhatsApp was acquired by Facebook in 2014. India’s number one message service recently launched the payment service WhatsApp Pay, with the help of which users can transfer money to a Virtual Payment Address (VPA). The VPA is linked to a bank, much like an e-mail id. The transactions are facilitated by Payments Service Providers (PSPs).
WhatsApp Pay is compatible with the Unified Payments Interface (UPI). While the beta version of the app has been received favorably with few doubts, Facebook’s involvement in the Cambridge Analytica scandal has seen WhatsApp keeping a distance. Facebook has been embroiled in scandal since millions of its user data became available to the data analytics firm Cambridge Analytica, which was then used to influence polls in several instances.
Don’t Just Chat, Pay Through WhatsApp and Go Cashless
Now, in order to conduct these transactions, user data will be collected by WhatsApp, and the information will be specific to the transaction, such as the date and time, both parties’ VPAs, and the transaction amount. And this is the information that the app’s payment policy says will be shared with third-party service providers like Facebook.
Here is what the policy says, “We share information with third-party providers and services to help us operate and improve Payments. To send payment instructions to PSPs, maintain your transaction history, provide customer support, and keep our services safe and secure, including to detect, prevent, or otherwise address fraud, safety, security, abuse, or other misconduct, we share information we collect under this Payments Privacy Policy with third-party service providers including Facebook. To provide Payments to you, we share information with third-party services including PSPs, such as your mobile phone number, registration information, device identifiers, VPAs, the sender’s UPI PIN, and payment amount”.
Indian Government Seeks Answers from Facebook and Cambridge Analytica For Data Breach
Meanwhile, in a circular issued by the National Payments Corporation of India (NPCI), the umbrella organization overseeing the Unified Payments Interface (UPI), any bank that is connected to third-party payment apps, like WhatsApp Pay or PhonePe, must have permission from the NPCI for sharing user data.
“PSP bank shall ensure that third-party app provider shall require an exclusive permission from NPCI & PSP bank for sharing individual UPI transaction data with any other third party including its own parent, subsidiaries and subsidiaries of parents other than entities such as Indian government/Indian intelligence/Indian law enforcement agencies/Indian regulatory bodies,” livemint quoted from the circular.
WhatsApp has maintained in the past that users’ one-to-one communication in the chats are encrypted and remain private, however, data regarding whom users message and the frequency of messages can be extracted.
The media has been trying to find out exactly what information WhatsApp Pay will be sharing with Facebook, but so far it is unclear. However, after the knowledge that user data from Facebook was used to influence elections, what could information about whom we pay, how much we pay, how frequently we spend, and what we spend on, be used for?