In the evolving world of smartphones and sleek applications, Babu Lal emerges as an unlikely hero. Armed with nothing but curiosity and spare time, this digital vigilante has exposed thousands of fraudulent apps lurking on Apple’s App Store and Google Play Store, revealing a darker side of our trusted digital marketplaces.
“I started because I was curious enough and this issue was not being fixed by the app stores,” says Lal, who has spent the last 14 to 15 months identifying and reporting fraudulent applications, particularly those masquerading as financial services.
- Also read: Ways to curb scams over UPI
His crusade comes at a critical time. A recent PwC India survey reveals that 69 per cent of Indian consumers feel their data may not be safe with companies, highlighting a growing trust deficit in the digital ecosystem. The report surveyed 3,233 consumers across 24 cities and 186 organizations, painting a worrying picture of a lack of digital literacy and data protection awareness in India.
Lal’s investigation has led to the identification of over 1,507 fraudulent apps on Apple’s App Store quickly catching up the number of apps that is over 5,700 on Google Play. His method? Looking for telltale signs that most users might miss. “No company just comes out of the blue and trends among the top finance applications,” he explains, describing how scammers exploit established brand names from unrelated fields to appear legitimate.
Google has responded proactively to these challenges. In 2021, the tech giant revised its Play Store developer program policy for financial services apps in India, requiring personal loan apps to either provide RBI licenses or confirm they only facilitate lending through licensed partners. The company further tightened security in 2022, mandating apps to disclose their NBFC and bank partnerships prominently.
“On Google either scammer exploits or they have changed their modus operandi,” Lal notes, acknowledging Google’s efforts while pointing out how scammers adapt by disguising loan apps as innocent “EMI calculators.” Google’s spokesperson emphasizes their commitment: “We continuously update our policies across all our products to keep users safe from emerging threats and bad actors.”
The impact of such scams is particularly concerning given that only 16 per cent of Indian consumers understand the Digital Personal Data Protection (DPDP) Act, according to PwC’s findings. “The biggest challenge right now is lack of awareness,” notes Satyavat Mishra, Head - Corporate IT and Group CISO at Godrej Industries. “While the law is in place, much groundwork is still required to make people understand why it’s important to protect their personal information.”
Google’s latest initiative includes collaboration with the Fintech Association for Consumer Empowerment (FACE) and enhanced Google Play Protect capabilities. The security system already scans 200 billion apps daily, and a successful pilot in Singapore blocked nearly 900,000 high-risk installations. Now, this enhanced protection is coming to India.
“Google they know about this issue, they are trying to solve it,” Lal observes, contrasting this with what he sees as inadequate responses from other platforms. His investigations across countries have revealed shocking statistics – in Mexico, for instance, “66 out of 200 apps were fraudulent” in the top rankings.
The vigilante’s track record speaks for itself: “There are like zero false positives till now, it’s a hundred percent strike,” he proudly states. Yet, the challenge persists, particularly in emerging markets where users might be more vulnerable to financial scams.
The situation is especially critical given PwC’s finding that 56 per cent of consumers are unaware of their rights related to personal data. Even more concerning, 44 per cent of consumers don’t read privacy notices before agreeing to them, making them easy targets for fraudulent apps.
Despite the overwhelming odds, Lal continues his solitary battle against digital fraud. His work has not only exposed vulnerabilities in app store verification processes but also highlighted the crucial need for better consumer awareness and stronger regulatory oversight in the digital marketplace. As digital transactions become increasingly integral to daily life, his vigilante efforts serve as a crucial wake-up call for both tech giants and consumers alike.
This demonstrates that ordinary citizens can play a vital role in making the digital world safer. The digital realm needs more watchful eyes like Lal’s. As scammers evolve their tactics and target vulnerable populations, particularly in emerging markets, the responsibility of safeguarding digital spaces can’t rest solely with corporations or regulators. Every smartphone user can become a digital guardian by staying vigilant, reporting suspicious apps, and sharing knowledge about potential scams. After all, in an age where 69 per cent of consumers fear for their data security, collective vigilance isn’t just an option – it’s a necessity for digital survival.