security

Airtel confirms security flaw in mobile app, says issue fixed – Gadgets Now


Airtel has admitted a security bug in its mobile app. The company fixed the flaw after it was brought to its notice. The vulnerability in app of the country’s third-largest mobile network Airtel was discovered by Ehraz Ahmed, an independent security researcher. The bug was found in the Application Program Interface (API) of Airtel’s mobile app.

Confirming the security glitch to Times of India Tech-Gadgets Now, an Airtel spokesperson said in a statement. “There was a technical issue in one of our testing APIs, which was addressed as soon as it was brought to our notice. Airtel’s digital platforms are highly secure. Customer privacy is of paramount importance to us and we deploy the best of solutions to ensure the security of our digital platforms,” said the company in a statement.

Ahmed has also published a
case study and a proof of concept video of the flaw online.

“The flaw exists in one of their API that allows you to fetch sensitive user information of any Airtel subscriber,” claims Ahmed in the case study. This information, according to him, includes details like first and last name; gender; email; date of birth; address; subscription information, device capability information for 4G, 3G & GPRS; Network Information; activation date, user type [Prepaid/Postpaid]; and current IMEI number.

The vulnerability is said to be put the information of over 325.5 million Airtel subscribers in India at risk.





READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.