Noida-based digital payments giant Paytm has criticised telecom companies and the Telecom Regulatory Authority of India (TRAI) for their inaction in handling rising phishing cases in India.
In a composite rejoinder filed in the Delhi high court, Vijay Shekhar Sharma-led Paytm said that telecom giants — Reliance Jio, Bharti Airtel, Vodafone Idea, Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL) — have failed to meet the verification obligation under the Telecom Commercial Communications Customer Preference Regulations (TCCCPR).
Paytm has alleged that the carelessness of telecom companies has led to an increase in phishing attacks. Previously, Paytm had explained that several scammers are registering themselves as telemarketers on these networks under headers similar to Paytm’s. Some examples are PYTM, PTM, IPAYTN, PYTKYC, BPaytm, FPaytm, PAYTMB, Ipaytm, mPaytm and other derivatives.
Once successful, these scammers send out malicious messages to Paytm customers, fooling them to reveal their personal and sensitive information including account details and passwords. Sometimes, these scammers also call customers to seek private information under the pretext of completing their know-your-customer (KYC) requirements to continue using their Paytm wallets.
In January 2020, Paytm Payments Bank also shared a list of 3,500 phone numbers used in phishing scams to several government bodies like TRAI, the Ministry of Home Affairs (MHA) and cybersecurity department CERT-in. Then in February, the payments bank had also filed an FIR against such scammers.
In the latest hearing, Paytm submitted a list of 560 instances since June 1 when its customers were defrauded of INR 1.1 Cr cumulatively. These attacks are being carried out through both registered and unregistered headers, and 50% of this traffic is flowing through state-run BSNL.
Paytm had filed this complaint in June, after which both Reliance Jio and Vodafone Idea had come out in their defence saying that the digital payments company is trying to camouflage its own security lapses in managing customers’ data.
Reliance Jio also told the Delhi high court that telecom operators like Airtel, Vodafone Idea, BSNL, MTNL and itself cannot be held liable for “unlawful activity” occurring over calls and messages under the TCCCPR, 2018. Meanwhile, Vodafone Idea also highlighted that telecom companies do not have any right to legally access or control the content of communication sent over their network, leave alone marking them as fraud.