AI Score
Confidence
High
EPSS
Percentile
59.9%
The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings (AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM) for SMS validation, which makes it easier for attackers to bypass authentication.
github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf