Payment API Flaws Exposed Millions of Users’ Data – E Hacking News – Latest Hacker News and IT Security News
Researchers discovered API security flaws impacting several apps, potentially exposing the personal and financial information of millions of consumers.According to CloudSEK, around 250 of the 13,000 apps published to its BeVigil “security search engine” for mobile applications utilize the Razorpay API to conduct financial transactions.
Unfortunately, it was discovered that about 5% of these had disclosed their payment integration key ID and key secret. This is not an issue in Razorpay, which caters over eight million businesses, but rather with how app developers are misusing their APIs.
[ Source : ehacking News]