NewKerala.com

Key Points

A major fraud in the MobiKwik app has exposed critical vulnerabilities in digital financial platforms. Six individuals were arrested for exploiting a technical glitch that allowed unauthorized money transfers. Experts are now calling for comprehensive investigations into systemic risks in fintech companies. The incident highlights the growing need for robust cybersecurity measures in digital financial services.

Key Points: MobiKwik Rs 40 Crore Fraud Exposes Fintech Platform Risks

  • 6 accused arrested for exploiting MobiKwik app technical glitch
  • Rs 40 crore fraudulently transferred through system vulnerability
  • 2,500 bank accounts frozen in massive financial scam
  • Experts call for deeper regulatory investigation into fintech platforms
3 min read

MobiKwik fraud triggers demand for deeper probe into fintech platforms

Six arrested in massive MobiKwik app fraud, revealing critical vulnerabilities in digital financial platforms and potential systemic risks.

"The company is taking aggressive collection efforts while pursuing legal course of action - MobiKwik Company Statement"

New Delhi, Sep 17

A major fraud of around Rs 40 crore has raised serious concerns about the safety of fintech platforms after Gurugram Police arrested six people for exploiting a technical glitch in the MobiKwik app.

The incident has triggered calls for a deeper investigation into why such glitches are frequently occurring, putting millions of users at risk.

According to police, the glitch in the MobiKwik app allowed transactions to be recorded as successful even when users had insufficient balances in their bank accounts or wallets, or when incorrect passwords were entered.

The accused allegedly misused this flaw to transfer money to their bank accounts, causing heavy losses of around Rs 40 crore.

Industry experts said the MobiKwik case is not an isolated one. In August, Policybazaar Insurance Brokers Private Limited also lodged a complaint with Gurugram Police after fraudsters impersonated its employees, forged documents, and misused the company's ID cards and email IDs to cheat customers.

In that case, at least 11 customers were duped into paying amounts ranging from Rs 8,510 to Rs 35,000, with the total fraud amounting to Rs 2.08 lakh.

Experts warn that repeated cases of such technical flaws and fraudulent activities in fintech platforms could undermine consumer trust.

They have urged regulatory bodies and government agencies like the ED and CBI to carry out a thorough probe into why these vulnerabilities continue to surface and whether there are deeper systemic risks involved.

In Mobikwik case, police officials said that about 2,500 bank accounts were linked to the fraud, all of which have now been frozen.

Nearly Rs 8 crore has already been recovered. The six accused, identified as Rehan, Mohammad Sakil, Wakar Yunus, Wasim Akram, Mohammad Amir and Mohammad Ansar, were arrested from Gurgaon and sent to judicial custody after being produced in court.

The fraud came to light after MobiKwik filed a complaint with Gurugram Police on September 13. The company had detected suspicious transactions during an internal audit a day earlier.

Investigations revealed that some merchants registered on the platform, along with unknown individuals, misused the flaw to get funds credited despite failed transactions.

This resulted in wrongful gains for the accused and losses for the company. The police have registered a case under Sections 318(4) (cheating of a valuable security) and 314 (dishonest misappropriation of property) of the Bharatiya Nyaya Sanhita (BNS). Officers said the probe is still on and more people involved may be identified as the investigation progresses.

In an exchange filing, the company said that they are undertaking all possible and necessary efforts to recover the amount. However, since the police investigation and recovery efforts have just started, it's not yet possible to ascertain the impact.

"The company is taking aggressive collection efforts while pursuing legal course of action to recover the full amount over a period of time," it added.

Meanwhile, in a statement to IANS, the company's spokesperson confirms that this is not a cybersecurity incident, and no user or merchant credentials or other data have been compromised.

- IANS

Share this article:

Reader Comments

R
Rohit P
₹40 crore fraud! That's massive. While I appreciate that they recovered ₹8 crore already, this shows how vulnerable our digital payment systems are. Companies need to invest more in security testing before launching features.
A
Arjun K
Good that police acted quickly and arrested the culprits. But this is not just about MobiKwik - Policybazaar case also shows pattern. Fintech companies must be held accountable for security lapses. Users' hard-earned money is at stake.
S
Sarah B
As someone who recently moved to India, I rely heavily on these apps for payments. This news makes me nervous about using digital wallets. Maybe I should stick to traditional banking until security improves.
V
Vikram M
The fact that they detected this during internal audit is positive. At least they have some monitoring in place. But such basic glitches shouldn't exist in the first place. Quality testing needs to be much more rigorous.
K
Karthik V
While the fraud is unacceptable, I appreciate that no user data was compromised as per their statement. That's a relief. But companies must compensate users if any losses occur due to their technical failures.
M
Michael C
This is why I always recommend using apps from established banks rather than standalone fintech companies. They have better security protocols

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50