Hackers claim Jio Chat sending unsecured data; RJIL denies
A group of hackers has claimed that Reliance Jio Infocomm's mobile messaging app Jio Chat transmits users' data in unsecured form to servers located in China, a charge denied by the company. "We took apart Reliance Jio app & found they are using Chinese geolocation mapping service. It shows that Reliance is using a geolocation which is China-based service," said AnonOpsIndia, a twitter account claiming to represent a group of hackers.
"There is no encryption between the person using Jio chat app and Chinese company amap. Hence, it makes it <g data-gr-id="45">lot</g> easier for the Chinese hackers to snoop over your data," AnonOpsIndia tweeted.
Reliance Jio Infocomm (RJIL), however, termed it "unfounded and malicious allegations against Jio Chat App" and said "'Anonymous' posters often raise false alarms by quoting items such as this out of context."
China does not support Google Maps (or for that matter, any Google applications) and thus, for location based services within China, a Chinese-based mapping service is required, it said. "This is a common practice for any app wishing to provide location-based services within China. However, when used Globally, Jio Chat (outside of China) always uses Google Maps. (This can be checked by anyone by using Jio Chat Location Sharing function)," RJIL said.
<g data-gr-id="51">Jio</g> Chat is a mobile application with functions similar to that of WhatsApp, Viber etc. RJIL said that the code base has reference to a number of servers, in the comment <g data-gr-id="47">area</g> but it is not executable code which means references are not used by the application while running.
"Proper and complete examination of the code would show that the app does not transfer data to any servers outside of India," RJIL said. The AnonOpsIndia found that data of <g data-gr-id="49">Jio</g> Chat users sent to Chinese servers is in HTTP format which is susceptible to hacking.
"It's plain <g data-gr-id="37">http</g> request being made. Anyone can snoop at the data being transmitted. Your ISP, gov(<g data-gr-id="38">ernment</g>), hackers etc, anyone can! Now why we claim this is an app Made in China but for Indian users." The hacker found some programming code written in Chinese script and questioned "why would Indian engineers write debug <g data-gr-id="39">ligs</g> in Chinese?"
"The service is fully encrypted using standard protocols. The encryption levels are being further enhanced in the coming upgrade of the App," RJIL said.
RJIL said <g data-gr-id="40">Jio</g> Chat is developed by developers across the world, including India. "Occasionally these developers use their native language while writing comments within the APK to better understand the problem. We are committed to having the best talent working on our products, regardless of race, nationality, gender, or native tongue. India embraces diversity, and, as a company, we do too," RJIL said.