BHIM App’s Response to User Concerns Shows its not being Run Like A Typical Government Project
On 6th January, a week after the app was released, a Facebook user wrote a detailed post about why he felt the BHIM app was insecure. “The following post is not to malign or shame the Government or any agency, but to make them aware of the risks in the cyber security domain,” wrote Sameep Agarwal on Facebook. He then outlined why he thought the app had serious security flaws. He said that the app was not written in native code, its crypto(graphy) was non existent, the code wasn’t obfuscated, the app had commented code, and had issues which could lead to data leaks.