UPI has definitely been a great development in fintech. However, I don’t understand the purpose behind having full bank names being queryable from just having a phone number.
All UPI apps, including third party apps, like GPay and Paytm, have the “pay to a number” feature. GPay shows the name associated with the Google account that is attached to the bank. While equally bad, one could argue that this is a design choice made by Google, and that people opt-in and are okay with this. On the other hand, on apps like Groww UPI, it shows you the full bank name of the person using the phone number. Is there a justifiable reason behind making such a design choice?
I will compare this to other electronic bank methods. For example, in NEFT, the payee has to fill in the name and account details, along with some more information about the bank, to fulfill the transaction. At no point is it possible to pull any details FROM the server that you already did not have. 
Is it really necessary to have the name as a part of the protocol? Confusingly enough, some apps provide UPI ids with a custom string before the @, to prevent phone numbers from being extracted after a random transaction. However, the reverse is not treated as seriously as the former.
Eager to hear your thoughts on this.
UPI provides fullname as part of the response to solve a problem it created in the first place: Virtual Public Identifiers.
VPAs are meant to be public, readable, and type-able, but also delegated to the PSP. VPAs being user-generated, and with an official sounding suffix (@kotak) meant you couldn’t trust what was on the left of the VPA.
I used to own ceo@pnb for a while, and a friend had npci@upi for a while before NPCI forcefully de-registered these. Similarly, you could have someone create LIC@upi, and easily defraud users via collect requests.
LIC was in fact the example used in the original specifications. There are two solutions that UPI invented to fix this concern:
- The idea of “Verified” handles. This didn’t take off. Plus, the existence of Payment Gateways, which would use a singular UPI handle (razorpay@icici, for example) meant you could get verified handles easily, so they weren’t necessarily trustable.
- Show name of the Bank Account’s primary holder. This stops common VPA confusion frauds, but creates a huge privacy risk, which is well documented.
And that’s where we are today - with anyone who gets hold of your phone number being able to instantly find out your legal name.
Interesting @nemo. Are you aware of how the modern UPI fraud groups mask their identity? It seems to me that we come across many cases of scams that involve the victim sending money to a certain UPI address under false pretexts, but never have I seen closure on such cases. How do they manage to decouple identities when it comes to UPI linked accounts?