PayID data exposed by unnamed financial institution

By on
PayID data exposed by unnamed financial institution

PayID records have been exposed by a client-side vulnerability at an unnamed financial institution.

The issue was revealed by NPP Australia, the company co-owned by 13 financial groups including the ‘Big Four’ banks that share the co-developed New Payments Platform, a real-time payments platform.

Data including PayID names and account numbers were exposed by an unnamed financial institution introduced to NPP by payment solutions provider Cuscal Limited.

Cuscal advised that the technical issues leading to the exposure was immediately resolved, though didn’t mention how many PayID customers' records were affected.

NPP also noted that a PayID name and account number aren’t enough to make a withdrawal without specific involvement from the customer.

“NPP Australia has regulations in place that prohibit disclosure of account data and that require participating financial institutions to have controls to monitor, detect and shut down any attempts to misuse the PayID service,” the company said in a statement.

“These regulations incorporate suspension of access to the PayID service by organisations not meeting these requirements, and were recently strengthened by the introduction of non-compliance charges which are expected to be also applied where these controls are not implemented.”

NPP added that it has since commenced implementing more targeted cybersecurity requirements for its members in an effort to shore up its security controls.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © CRN Australia. All rights reserved.

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register


What will be your biggest business challenge for 2020?
Slow economic growth and its impact on customers
Transitioning to an MSP model
Finding and retaining skilled staff
Finding time to work ON the business as well as IN it
No challenge: 2020 will be non-stop unicorns, rainbows and fun!
View poll archive

Log In

Username / Email:
  |  Forgot your password?