Security experts warned that the emergence of payment forms in the Telegram messenger could lead to an increase in fraud on the platform.
The innovation threatens the spread of fake trading platforms, said Kirill Solodovnikov, CEO of Infosecurity a Softline Company. There will also be an increase in the number of channels and chats that will offer users to take part in fake bonus and other promotions.
The director of the block of expert services Bi.Zone Evgeny Voloshin believes that fraudsters will take advantage of the absence of any means of verification of channels and accounts in Telegram. This will be the main reason for the growth in the activity of cybercriminals.
In addition, new opportunities can provoke the seizure of existing trading platforms with the subsequent substitution of payment details.
Also, big risks lie on the side of companies that provide payment integration, since the payment interface implementation scheme (payment API) involves integration with third-party services, which may have vulnerabilities, Voloshin noted.
“In our practice, there have been examples when the payment API was implemented with security holes: during the penetration test of one of these integrations, it turned out that you can download a list of bank card numbers of those who made payments through this interface,” Kommersant quotes him. »On Wednesday, April 28th.
The fact that the Telegram management is going to add direct sales of goods and services to the messenger became known on April 19. Previously, they were only available through special bots. Payment can be made using third-party payment systems, such as Sberbank, YuMoney, Tranzzo, Stripe, Click, Payme, LiqPay and Ecompay.
On April 26, Telegram allowed accepting credit card payments in any chat.