Bank of Baroda -- Customer Data Misused for App Registration

A recent report by Al Jazeera documented how customers’ bank accounts at the Bank if Baroda were linked to strangers’ phone numbers to boost registration for their mobile banking app bobWorld, compromising account security.

Under pressure to increase registrations, regional officers reportedly assisted in illegally linking customer accounts to mobile numbers of bank staffers, sanitation/security workers, & relatives, to generate OTPs & onboard customers onto the app without consent. This method increases the number of downloads & sign-ups which are used to measure the app’s success as opposed to active users. Records from the Bhopal zone show that nearly 1,300 numbers were tied to 30-100 bank accounts putting nearly 62,000 bank accounts at risk. Such meddling with customers’ accounts is illegal and unethical and exposes them to the risk of fraud as the person with the registered mobile number can change online banking passwords, access funds, and claim new ATM cards. Other methods employed to inflate registrations included targeting working-class customers using feature phones and inserting their SIM cards into company tablets to register them on the app and creating zero-balance accounts, signing them up for bobWorld.

On Tuesday, the bank denied irregularities and asserted that a system-authenticated and consent-based process was followed for app registrations – evidence from multiple whistleblowers citing “discreet” inquiries being undertaken by BoB suggest otherwise. Such disregard for customers’ financial data & privacy by India’s second-largest state-owned lender as the government pushes for digital banking and a cashless economy spotlights how under-prepared the public sector is for such a transition.

1 Like