Paytm Claims Telecom Firms Not Preventing Phishing; High Court Seeks Reply From Telecom Regulator

Phishing is a cyber crime where people are contacted by e-mail, phone calls or text messages by someone posing as a legitimate representative of an organisation to lure them to part with their sensitive data, including banking and credit card details and passwords.

Paytm Claims Telecom Firms Not Preventing Phishing; High Court Seeks Reply From Telecom Regulator

High Court has sought a response from Centre, TRAI after Paytm claims no action on phishing

New Delhi:

The Delhi High Court today sought response of the Centre and telecom regulator TRAI on online payment platform Paytm's plea alleging that telecom operators are not blocking those who are defrauding its customers by "phishing" activities over various mobile networks.

A bench of Chief Justice DN Patel and Justice Prateek Jalan issued notice to the Ministry of Communication, Telecom Regulatory Authority of India and major mobile service providers, including Airtel, Reliance Jio, MTNL, BSNL and Vodafone seeking their stand on the plea before the next date of hearing on June 24.

Additional Solicitor General Maninder Acharya and central government standing counsel Anurag Ahluwalia accepted notice on behalf of the ministry.

The order came on the plea by One97 Communications Ltd, which runs Paytm, claiming that millions of its customers have been defrauded by the phishing activities over the mobile networks and the failure of the telecom companies to prevent the same has "caused financial and reputational loss" to it for which it has sought damages of Rs 100 crore from them.

Phishing is a cyber crime where people are contacted by e-mail, phone calls or text messages by someone posing as a legitimate representative of an organisation to lure them to part with their sensitive data, including banking and credit card details and passwords.

Paytm, in its petition filed though advocate Karuna Nundy, has contended that the telecom majors are violating their obligations under the Telecom Commercial Communications Customer Preferences Regulations (TCCCPR) 2018 which was notified by the TRAI to curb problem of unsolicited commercial communications
Paytm has claimed that under the regulations, the telecom companies are required to verify purported telemarketers seeking registration (called registered telemarketers or RTMs) with them before granting access to their customer data and also take action immediately against all fraudulent RTMs.

The petition has contended that the telcos "failure" to undertake proper verification prior to such registration enables fraudulent telemarketers to carry out phisihing activities against customers of Paytm and its associate companies.

It has further contended that under the statutory regime it is the telecom companies responsibility to prevent such fraud and deter the fraudsters through blocking and/or financial disincentives.

Explaining the modus operandi of the fraudsters, Paytm has said that such people or entities get registered with the telecom companies and get assigned themselves headers, like Paytm, PYTM, PTM, IPAYTN, PYTKYC and its derivatives, which are similar to official headers of Paytm -- including BPaytm, FPaytm, PAYTMB, Ipaytm and mPaytm.

Using the similar headers, they send messages to Paytm customers for getting their sensitive and private information, including account details and passwords, One97 has said in its plea.

The messages usually contain some link which when clicked installs a software on the phone allowing the fraudster to get the customer''s financial account details stored on the device, the petition has said.

Some fraudulent RTMs call the customers and seek their private information under the pretext of completing their KYC (know your customer) requirements for making their Paytm wallets operational, it further said.

Paytm has sought directions from the court to TRAI to ensure complete and strict implementation of TCCCPR provisions to curb fraudulent unsolicited commercial communications sent over mobile networks and to take action against the telecom companies for violating their obligations to verify telemarketers under the regulations.

It has also sought direction to the Centre to ensure no SIM is sold without proper verification and to establish an inter-agency task force to coordinate action for limiting fraud taking place over telecom networks.

Paytm has alleged that even after violations were brought to the notice of the telecom companies they failed to take prompt action to block the fraudulent RTMs and impose financial disincentives against them.

It has sought a direction to the telecom companies to take effective action under the TCCCPR to block the phone numbers of the telemarketers who are sending unsolicited commercial communications.

Paytm has also claimed that certain TCCCPR provisions provide for action only against those telemarketers who make unsolicited communications in bulk and provide for only graded penalties and had has sought an order declaring such regulations as unconstitutional and ultra vires the TRAI Act.

It has also sought a declaration from the court that under the regulations the telecom companies are obligated to put in place mechanisms to register reports of violations from customers.
 

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)