Zomato paid hackers Rs 70 lakh to fix bugs; Walmart plans to demerge PhonePe: Report

Zomato has paid hackers about Rs 70 lakh to find and fix bugs. Global retail major Walmart wants to demerge Flipkart’s digital wallet company PhonePe.

Zomato pays over Rs 70 lakh to 435 hackers for fixing bugs

Online food delivery platform Zomato has so far paid over Rs 70 lakh to more than 400 hackers for finding and fixing bugs on its platform,  reports the Economic Times.

The Gurgaon-based company has resolved 775 vulnerabilities reports with the help of HackerOne's bug bounty programme since July 2017.

Over Rs 8.7 lakh in bounties were paid in the last 90 days alone, the company said.

Zomato pays Rs 1.41 lakh to security researchers, Rs 49,647 for bugs with high-severity impact, Rs 21,280 for medium and Rs 10,640 for low-impact vulnerabilities, the report added.

Zomato currently operates in 24 countries like the US, Australia, the UK, Canada, Turkey, UAE, Qatar, Portugal, South Africa, New Zealand among others. It is present in over 500 cities in India.

Walmart plans to demerge PhonePe

Global retail major Walmart wants to demerge Flipkart’s digital wallet company PhonePe so that its ownership gets vested directly with the US retail giant, the Economic Times reports.

Flipkart had acquired PhonePe in early 2016. This move will help Walmart enter the Indian digital payment space.

The proposed demerger will coincide with PhonePe's ongoing fundraising plan of about a billion-dollar through a primary and secondary sale of shares.

Walmart will have about 82% stake each in PhonePe and Flipkart separately, with a combined valuation of $27-30 billion, post demerger, an investment banker told The Economic Times.

Local search engine site JustDial's security flaw allowed hackers to access user accounts

Mumbai-based Just Dial Ltd, which operates local search engine JustDial, was found to contain a security flaw that allowed hackers to access user accounts, the Economic Times reports.

The issue was brought in the notice by Ehraz Ahmed, a cybersecurity researcher.

Ahmed wrote in a blog post that one of JustDial’s internal APIs potentially allowed a hacker to log in to a user account bypassing the phone number, the report said.

“Hackers and telemarketers can mine the data of JustDial by automating a script using a phone number dump found online,” Ahmed said.

Ahmed also shared a video demonstrating the flaw. He revealed that the company had fixed the flaw within a day, the report added.

JustDial is an online directory for services and also offers facilities such as bill payments and recharges, grocery and food delivery, along with handling bookings for restaurants, cabs, and movie tickets.

Meity builds startup hub to connect startups to incubators, accelerators

The Ministry of Electronics and Information Technology (Meity) has built a startup hub called social media platforms for startups and stakeholders, the Economic Times reports.

The platform will act as a ladder for startups to connect with incubators, accelerators, mentors, angel funds and venture capitalists.

The platform will offer startups a webpage to showcase their solutions, connect to incubation centres, seek guidance from mentors, benefit from government schemes, access centres of excellence, and avail research and development (R&D) facilities and labs, the report said.

The Union Minister for IT and Electronics, Ravi Shankar Prasad, will inaugurate the platform later this week,  the report added.

NPCI doesn’t enjoy monopoly and competes with 90 firms: Dilip Asbe to CIC

The Central Information Commission(CIC) bench heard the seventh hearing of Neeraj Sharma Vs National Payments Corporation of India (NPCI) case. The case was filed by Sharma, questioning whether NPCI is a public authority, according to a report by the Entrackr.

Back in 2016, Sharma had petitioned with CIC that while the NPCI was not formed by the parliament, or by a central/state government,  the authority is owned, controlled and substantially financed directly or indirectly by funds provided by the central government and should come under the ambit of Right to Information (RTI) Act, the report said.

Nikhil Borwankar, Sharma's lawyer argued that NPCI ‘has a de-facto monopoly over payments systems in India and is not a normal Section 25 company’.

Responding to petitioner’s claims, Dilip Asbe, chief executive officer, NPCI said that the NPCI doesn’t enjoy a monopoly over the digital payments market as it competes with 90 other platforms.

“UPI is not a monopoly. We do not agree with the point. We have taken authorisation from RBI to operate UPI as a payment system. Most of our applications are operating in a competitive environment,” said Asbe.

The hearing has been closed on the matter and the CIC bench will conclude a final order soon,  the report added.