当前位置:首页 > golf > 正文内容

Govt audit found serious cyber security lapses at NPCI in 2019: Report

admin2周前 (07-31)golf365
Govt audit found serious cyber security lapses at NPCI in 2019: Report Govt audit found serious cyber security lapses at NPCI in 2019: Report golf [File] Representative image

An internal audit by the Central government found more than 40 "critical" and "high risk" security vulnerabilities at the National Payments Corporation of India (NPCI), the umbrella organisation that operates retail payments and settlement systems in the country. According to a Reuters report, the audit, which took place over four months to February 2019, highlighted a lack of encryption of personal data at India's flagship payments processor. NPCI forms the backbone of India's digital payments system and operates the RuPay card network championed by Prime Minister Narendra Modi.

The government audit report, dated March 2019, comes in the backdrop of a report by an online portal vpnMentor last month that revealed that data of more than 7 million users of mobile payments app BHIM or Bharat Interface Money, were exposed in a website breach revealing sensitive personal information dating back to February 2019. The exposed data included information required for signing up for the app such as financial details, photos, Aadhaar and PAN card details of more than seven million users.

The NPCI had refuted the claims then. However, it is not clear if the internal audit report and the breach report by the online portal are with reference to the same breach. 

The March 2019 audit report cited serious lapses in the storing of 16-digit card numbers and other personal information such as customer names, account numbers and national identity numbers. These were stored in “plain text” in some databases, leaving the data unprotected if the system was breached, Reuters reported citing the audit. 

A variety of card numbers were unencrypted within the NPCI database for the country’s network of almost 250,000 ATMs, while unencrypted RuPay card numbers could also be seen in the organisation’s server logs. The audit report also revealed high risk issues in RuPay and other NPCI applications including so-called “buffer overflow” vulnerability, a memory safety issue that can allow hackers to take advantage of coding mistakes.

Operating systems used by the NPCI were not “up to date” and one of its mail servers had inadequate anti-malware functionality, it also said.

However, the NPCI told the news agency that it regularly audits the interests of security and its senior management reviews all findings, which are then “remediated to (the) satisfaction of the auditors”. 

India’s National Cyber Security Coordinator, Rajesh Pant, whose office coordinated the audit, also said in a statement to Reuters that “all observations raised in last year’s report have been confirmed as resolved by the NPCI”.

Set up in 2008, the NPCI is a not-for-profit company, which as of March 2019 counted 56 banks as its shareholders, including the State Bank of India, Citibank and HSBC.



扫描二维码推送至手机访问。

版权声明:本文由甘肃快三发布,如需转载请注明出处。

转载请注明出处:http://garicomm.com/post/640.html

相关文章

In blow for NRIs stranded in India, DGCA bars private jet flights to UAE

In blow for NRIs stranded in India, DGCA bars private jet flights to UAE

Representational image | Twitter handle of MEA The plight of non-resident...

DST Global fund on the cards, Byju's to become 2nd most valuable Indian startup

DST Global fund on the cards, Byju's to become 2nd most valuable Indian startup

[File] Byju Raveendran | AFP Edtech company Byju's will become the second...

Google Pay is not banned, clarifies NPCI

Google Pay is not banned, clarifies NPCI

 One of the top trending items on Twitter on Friday was the sentence “GPayBan...

Demands for global ban on TikTok grow

Demands for global ban on TikTok grow

Propaganda calling for a global ban on the Chinese-owned video-sharing platfo...

Delhi airport develops self-declaration portal for arriving international flyers

Delhi airport develops self-declaration portal for arriving international flyers

(File) An Indian national who was stranded in Singapore amid COVID-19 pandemic, being screened...

发表评论

访客

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。