Indian publication alleges biometric data from doorstep banking may be vulnerable
Allegations that India’s doorstep banking system is leading to predatory lending, and potentially exposing biometric data to unscrupulous companies in China have been raised by an investigative report from Indian publication Moneylife.
The allegations are traced back to a crack-down by the Hyderabad police on lenders prompted by a series of suicides, which according to the report were driven by pressure put on borrowers and their contacts to repay high-interest loans. The reporter claims to have been contacted by a whistle-blower, who traced the ownership of one of the two firms Indian banks have contracted to deliver last-mile services for doorstep banking to a Chinese parent company.
India Post Payments Bank announced in 2018 it would acquire hundreds of thousands of biometric devices to implement doorstep banking services.
The two firms contracted by the 12 Indian banks participating in the scheme for ‘last mile’ connectivity are Atyati Technologies Pvt Ltd. and Integra Microsystems Pvt Ltd. They require an app to be downloaded, with a biometric capability for secure access. Atyati, while registered in Bengaluru, is majority-owned by China Construction Bank Corp (CCB) Global Markets, through multiple layers of companies.
The report claims that Hyderabad have discovered that Chinese lending apps have been exploited to access the contacts of borrowers, and suggests that if similar practices are being followed by the Chinese parent of the doorstep banking contractor, sensitive information including biometric data could be vulnerable to leakage and exploitation.
The Reserve Bank of India (RBI) is now looking into the allegations, according to the report.