#WorldConsumerRightsDay #FairDigitalFinance #HallOfShame - The UX 'green' pattern goes to @juspay for visually decieving to obtain consent.
---
RT @logic
The merchant - before the #2FA page, redirected to #JusPay page which said "Secure your card with VISA" and had an "Secure & Pay" in a big green button and "Opt Out" in a smaller font plain link.
https://twitter.com/logic/status/1464831468644057096
#WorldConsumerRightsDay #FairDigitalFinance #hallofshame #2fa #JusPay
Related - #CoFT implementation in India. Mandatory in 2022. 💳🗄️🇮🇳
---
RT @logic
#CashlessConsumer #CoFT aka Card on File Tokenization - implementation by #JusPay for several merchants - where #Consent is taken without providing *any* details, except saying "RBI Guidelines" and using the word "Secure" in misleading way 🧵
https://twitter.com/logic/status/1464822516459966474
#CoFT #cashlessconsumer #JusPay #consent
https://twitter.com/logic/status/1464834149999685633
Correction - #JusPay / #TokenRequestors will be storing merchant scoped tokens and not the card number. Still - a new intermediary will now know of your transactions
---
RT @logic
It is important to note that #RBI has allowedt third parties like #JusPay to store card details and act as #CoFT service provider - with no checks and balances.
For example - the same #JusPay lost card details t…
https://twitter.com/logic/status/1464834149999685633
#JusPay #TokenRequestors #rbi #CoFT
It is important to note that #RBI has allowedt third parties like #JusPay to store card details and act as #CoFT service provider - with no checks and balances.
For example - the same #JusPay lost card details to a databreach. https://www.hackread.com/juspay-data-breach-card-data-sold-dark-web/
It is important to note that #RBI has allowedt third parties like #JusPay to store card details and act as #CoFT service provider - with no checks and balances.
For example - the same #JusPay lost card details to a databreach. https://www.hackread.com/juspay-data-breach-card-data-sold-dark-web/
Note the URL - http://api.juspay.in/v2/txns/consent/<merchantName>/<referenceId>
The page didn't have any information - on whom I am consenting, what am I consenting, under what terms? That's classic example of how NOT to collect consent #JusPay
Note the URL - api.juspay.in/v2/txns/consent/<merchantName>/<referenceId>
The page didn't have any information - on whom I am consenting, what am I consenting, under what terms? That's classic example of how NOT to collect consent #JusPay
Just like how #RecurringPayments created new intermediaries #SIHub #MandateHQ for processing mandates, #CoFT introduces new intermediaries when you want to use "Saved Cards" from any merchant. #JusPay is one such #CoFT service provider.
#RecurringPayments #SIHub #MandateHQ #CoFT #JusPay
Just like how #RecurringPayments created new intermediaries #SIHub #MandateHQ for processing mandates, #CoFT introduces new intermediaries when you want to use "Saved Cards" from any merchant. #JusPay is one such #CoFT service provider.
#RecurringPayments #SIHub #MandateHQ #CoFT #JusPay
#CashlessConsumer #CoFT aka Card on File Tokenization - implementation by #JusPay for several merchants - where #Consent is taken without providing *any* details, except saying "RBI Guidelines" and using the word "Secure" in misleading way 🧵
#cashlessconsumer #CoFT #JusPay #consent
#CashlessConsumer #CoFT aka Card on File Tokenization - implementation by #JusPay for several merchants - where #Consent is taken without providing *any* details, except saying "RBI Guidelines" and using the word "Secure" in misleading way 🧵
#cashlessconsumer #CoFT #JusPay #consent