Truecaller fixes bug that accidentally signed up many Indians to its payment service
If you are living in urban India, there is a very good chance that you have already heard about Truecaller. Truecaller markets itself as an app service that provides caller identification, further empowering users to block out spam calls and filter out spam SMS. The original working goal of Truecaller is supposed to be call screening, but the app has evolved into a chimera that offers varied services such as “smart messaging”, smart dialer (identify names of unknown numbers as you dial), voice caller, call recorder…..and a Payment bank, for some reason. One of Truecaller’s latest updates contained a bug that signed up users for the Truecaller Pay payment service without their consent.
Truecaller Pay is Truecaller’s UPI-powered platform that competes against the likes of Samsung Pay Mini, Google Pay/Tez and Xiaomi’s Mi Pay service in India. On Monday, users on Truecaller’s v10.41.6 update began complaining that the app had registered them to its payments service, without the users actually taking any action or consenting to the same.
I woke up and checked my android phone, which auto-updated a few apps, including @Truecaller . It automatically, immediately sent an encrypted SMS from my phone to an unknown number, following which @ICICIBank sent me a sms …
— Dheeraj Kumar (@codepodu) July 30, 2019
This triggered panic among users as UPI-based platforms link directly with bank accounts to make bank-to-bank transfers easily possible. As the flow of information was not very clear in the initial stages, and the app had initiated the sign-up action without any user intervention, anxious users accused the service of misusing the UPI platform with an intent to defraud users. Under current laws in India, signing up a user to a UPI platform without their consent is illegal.
Truecaller later acknowledged the error and issued a statement on this serious “bug”:
We have discovered a bug in the latest update of Truecaller that affected the payments feature (India only), which automatically triggered a registration post updating to the version. This was a bug and we quickly discontinued this version of the app so no other users will be affected. We’re sorry about this version not passing our quality standards.
We’ve taken quick steps to correct the issue by issuing a fix in the newest version, 10.41.7, and deregistered users that were previously affected.
As of June 2019, Truecaller boasts of 140 Million daily users, of which a good 100 Million are from India. It is unknown how many users were affected by this bug, but the company claims to have deregistered everyone affected.
We are in the process of deregistering all the affected users. We commit to it that it will be done by EOD. This is an unfortunate slip in our release process, it’s extremely rare that we miss a bug like this. We’re extremely sorry for the bad experience. We’ll make up for it.
— Sony Joy (@sonyjoy) July 30, 2019
Truecaller as a service has been ever-so-controversial. Early working models of the app relied on uploading contact information from users in an attempt to create a crowdsourced telephone book. The service vehemently claims that this is no longer the case, and that information is now collated through “partnerships with various phone directory providers globally, social networks as well as when the Truecaller community suggests names through our websites and apps“, and that “Truecaller does not upload phonebooks to make them searchable or public from Google Play or Apple App Store downloads“.
If you disagree with Truecaller’s working philosophy, you can delist your number from the service.