WhatsApp Updates Privacy Policy, Terms Of Use Ahead Of Payments Service Launch
Sensitive user data such as the last 6 digits of a debit card and PIN are not stored, says WhatsApp.
WhatsApp, which is testing its payments services in India, today said it is updating its terms of service and privacy policy to “reflect the addition of payment interoperability features” ahead of the full-fledged launch of the service.
Almost one million people are “testing” WhatsApp’s payments service in India, which is the largest base for the Facebook-owned company that has over 1.5 billion users globally. WhatsApp has over 200 million users in India.
“We’ll be updating our WhatsApp payments terms of service and privacy policy to provide simpler language on how the payments feature operates. It also reflects the addition of payment interoperability features we’ve added since the beta started,” a WhatsApp spokesperson told PTI.
The spokesperson said the company has worked closely with the National Payments Corporation of India, bank partners, and the Indian government on these details of how its service works.
WhatsApp had received permission from NPCI to tie up with banks to facilitate financial transactions via unified payments interface.
“We still do not have a launch date but this terms and policy update bring us one step closer to full launch,” the spokesperson said. Industry watchers expect the full-fledged launch in the next few weeks.
Now, You Can Be Served Over WhatsApp
As part of the updated terms, WhatsApp said it might collect additional information when payments service is used. “We’ve added new features like interoperability that request additional information (related to) WhatsApp payments user and user of any BHIM UPI-enabled app,” the spokesperson said.
The terms state that WhatsApp collects information “when you send, receive, or request a payment, including the date and time and reference transaction number”. Also, when someone makes a payment to a WhatsApp contact, the company collects the sender and receiver’s names and BHIM UPI IDs.
The company said it used “all the information we have to operate, provide, improve, understand, customise, support, and market our services”. It said the company worked with “the other Facebook companies to provide payments, including to send payment instructions to PSPs (payment service providers)”.
Paytm founder Vijay Shekhar Sharma had earlier this year alleged that WhatsApp’s UPI payments platform has security risks for consumers and is not in compliance with the guidelines.
The Reserve Bank of India has mandated all payments system operators to ensure that data related to payments is stored only in India, giving firms six months to comply with it.
Sources said the Ministry of Electronics and IT had asked NPCI to check if WhatsApp’s payments service conforms with the RBI rules and data security of customers.
WhatsApp had said sensitive user data such as the last six digits of a debit card and UPI PIN are not stored at all. While it admitted to using the infrastructure of Facebook Inc. for the service, it asserted that the parent firm does not use payment information for commercial purpose.
“Facebook processes UPI transaction data as a service provider for WhatsApp, and does not use WhatsApp payments transaction data for commercial purposes,” the spokesperson had clarified.
Concerns have been growing around security of consumer data on various online social media platforms, especially after a data breach incident at Facebook.