TEMPO.CO, Jakarta - A Facebook user named Niko Tidar Lantang Perkasa claimed he could access user’s data of Grab, Gojek, and Tokopedia by encrypting a financial technology (fintech) lending app.
“Not only that, this app can also record the history of your Grab and Go-Jek trips, I can see detailed data on pick-up location and destination, customer’s and driver’s phone number, email, GoPay balance, and vehicle plate of drivers,” said Niko as quoted from his Facebook on Thursday, July 25.
Niko said he was shocked to have been able to find many weaknesses and data from the third application which he refused to name.
“The app’s database can be accessed publicly without authentication. From there I can see thousands users’ data; starting from phone number, full name, full address, relatives’ numbers, family card number, ID card number, until the photo of an ID card as well as users’ selfie photo,” he added.
Responding to the issue, Grab Indonesia CEO Ridzki Kramadibrata assured the security of its users' data and he committed to continuously protect consumers’ rights.
“Since the beginning, we are committed on consumer protection, we protect our users’ data,” said Ridzki in Kuningan, South Jakarta, Thursday, July 25.
He explained his corporate had never distributed personal data of users, but only strategic marketing to business partners.
The post by Niko Perkasa regarding the fraud of fintech has gone viral on social networking sites. As of Thursday, July 25, the thread gained over 500 comments and had been shared more than 1,300 times on Facebook.