wordpress blog stats
Connect with us

Hi, what are you looking for?

Exclusive: MobiKwik accused of using tactics similar to Chinese loan apps for securing repayment

Researchers tracking loan apps indicate that this isn’t an isolated incident given that there are no regulations in place.

At a time when Chinese loan apps are being criticised for imposing exorbitant interest rates and employing predatory practices, fintech company MobiKwik (which was looking to go public until recently) has been accused of resorting to similar, ethically-dubious practices for securing the repayment of a loan availed from its platform.

This particular incident pertains to Bharath C Raghurama, a 34-year-old native of Karnataka who is currently based in Gujarat. Raghurama had availed an instant loan offered by MobiKwik in December and his repayment was scheduled for the end of the month. But when Raghurama was not able to pay it by the stipulated deadline, MobiKwik agents started harassing him over WhatsApp, it is learnt. They warned him that if he is not able to repay the sum as soon as possible, then friends and family would be informed about the situation. They also appended a list of his ‘key contacts’ as proof that they have access to the details of his friends and family.

We reached out to co-founders of MobiKwik Bipin Preet Singh and Chandan Joshi, Associate Director and Head of PR and Communications Amandeep Arora, and another PR group associated with MobiKwik with specific queries in this regard. However, we are yet to receive any response from them.

Several people have ended their lives due to harassment from representatives of unauthorised digital lending apps, many of which were found to have ties with Chinese nationals. Agents of such unregulated apps also allegedly threatened to start reaching out to people on victims’ contact lists.

This is harassment and breach of privacy: Victim

“How did MobiKwik get access to my contact list? I did not share with them at any point. This is a breach of privacy. How could they do this?” — Bharath C Raghurama

Raghurama said that he plans to approach the Reserve Bank of India to register a complaint in this regard. He also shared screenshots of the conversation that he had with the MobiKwik agent.

Advertisement. Scroll to continue reading.

Note: Sensitive details such as names and phone numbers of Raghurama’s friends and family have been redacted in the following image.

Appending Raghurama’s contact list, MobiKwik agents warn that people in the list will be informed if he does not pay.

The MobiKwik agent was in touch with Raghurama over phone and WhatsApp for the better half of a month. They also called him numerous times, to remind him of the repayment. It was only in February, as per the screenshots, that the person who identified themselves as being from the MobiKwik Loan Team, texted Raghurama his key contact details including phone numbers of his father and mother, among others. Raghurama also dismissed the agent’s contention that he did not respond to their pleas for repayment.

MobiKwik responds over Twitter: When Raghurama first raised the issue on Twitter, MobiKwik responded to his tweet and later contacted him via direct message. Here are screenshots of his conversation with the MobiKwik support team.

Raghurama’s conversation with MobiKwik Support

While MobiKwik apologised for the ‘inconvenience’, it also stated that “all lending companies follow necessary resources to collect money owed by customers if they have not repaid on time,” and said that “process-wise, contacts are only called if the customer is late in repayment.”

This is not a one-off incident: SaveThem India Foundation

SaveThem India Foundation, a team of cybersecurity researchers and criminologists, has been investigating predatory loan apps in India since March 2020. Sandeep Kumar Sahoo, the director of the foundation, told MediaNama that this practice is not just restricted to obscure apps offering instant loans but has been getting prevalent in recent days in regards to more mainstream, RBI-regulated financial platforms such as MobiKwik.

“Majority of companies, hire or outsource their outreach/calling department. For instance, a BPO calling centre/customer care centre takes projects from different companies. A lending application may give data to the third party and give them the responsibility of recovering the money for a certain sum.” — Sandeep Kumar Sahoo of SaveThem India Foundation

Sahoo alluded that the rise of such predatory practices was due to the negligence of authorities as well as loopholes in India’s legal system. “India still does not have a data protection law,” he added.

MobiKwik faced a cybersecurity breach last year

In 2021, sensitive data belonging to millions of cardholders and users stored on MobiKwik’s servers has been compromised and put up for sale online, according to several security researchers. The data breach was first reported by cyber security researcher Rajshekhar Rajaharia back in February 2021.

The data dump, around 8.2 terabytes worth, allegedly belongs to users of the payments application and includes their sensitive financial and personal information. It includes:

Advertisement. Scroll to continue reading.
  • Leaked database contains 8.2 TB worth of data, 36 million files containing KYC information belonging t0 3.5 million people
  • Around 7.5 TB worth of KYC data pertaining to over 3 million merchants on MobiKwik’s network.
  • Includes a total of 350 GB of MySQL dumps that include 500 databases
  • Contains 99 million users’ phone numbers, emails, hashed passwords, addresses, bank accounts and card details
  • Over 40 million card details, up to 10 digits, have also been leaked with month, year and card hash data

Also Read:

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

Among other subjects, I cover the increasing usage of emerging technologies, especially for surveillance in India

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ