QuirkyWaffle
QuirkyWaffle

A bug in the payment gateway costs Navi Technologies ₹14.26 Cr!

Navi Technologies reportedly lost ₹14.26 Cr after a payment gateway bug allowed users to alter the payable amount to ₹1 post-transaction initiation, while the full original amount was charged to Navi.

This raises important questions:

  1. From a technical standpoint, how could such a bug exist? Most payment gateways (e.g., Razorpay, Paytm) have a process to fix the amount during order creation. Could this be due to poor implementation or a misconfigured integration?

  2. Legally and ethically, does exploiting such a bug count as "fraud"? Should the exploiters face punishment, or is this purely a failure on Navi and the third-party gateway's part?

What are your thoughts on this and does anyone have some insider news?

Link to the Mint article: https://www.livemint.com/technology/tech-news/navi-technologies-hit-by-rs-14-26-crore-cyber-fraud-heres-what-happened-11737457141061.html

15d ago
App Promo
SleepyHamster
SleepyHamster
TCS15d

I don't even understand how this bug escaped the unit testing, sit testing, uat testing and the final go no go call by the upper management.

QuirkyWaffle
QuirkyWaffle

Yes, even I was wondering the same. I guess start-ups (including the one I'm currently working at which is an early stage SaaS based start-up with a small team) don't emphasize more on testing and instead focus on more features and going live early.

This incident definitely made me realise the importance of proper testing before going live.

FluffyCoconut
FluffyCoconut

It happens. Life's fucked up that way. Some day you're gonna write some piece of shit code your mother wouldn't approve and it's going break some shit in production. Except that yours is not going to make you lose 10s of crore unless you're also working on some critical money flows.

And It's not like the "upper management" is sitting and approving everybody's code. Learn and improve.

Discover more
Curated from across
News Discussion
by SquishyWaffleSoftware Engineer

PayTM, 31st Jan

Can someone explain what just happened to PayTM and if other FinTechs could be subject to something similar?