Jupiter Radar - a data breach alert feature

What is being Pawned?

When Customer’s Personally Identifiable Data is breached by intentional attacks or can be accessible from data dumps.

Would love to see an integration to check Pawned Databases in Jupiter wherein it uses APIs from

• Have I Been Pwned: API v3

• BreachAlarm

• DeHashed

• Internally generated CSV or JSON files sourced from temporary or onion websites.

How would it work?

• This should be a opt-in/opt-out service - similar to Networth feature - and users can select email or number or both.

• Jupiter would run a check every week - in staggered manner (so as to not cross hard limits of API) - using Customer’s email and phone number.

• In case a database breach is notified, Jupiter can alert the user to remove their card from the merchant website/app account and also notify users while doing transactions from the particular merchant code about the breach.

• Internally, Jupiter flag such as accounts as breached, and take extra steps during customer support interactions to prevent social engineering attacks (as last few transactions, personal details and balances can be fetched from the pawned database)

Competitive Analysis:

• Zero Players in Personal Banking.

• Razorpay uses it selectively for merchant fraud protection.

I could put a more detailed system and CX design - if the feature is taken forward.

Card tokenization(mandatory from next year) and 2FA are good proactive solutions.
I assume Jupiter is already attentive and has reactive measures in place for data breaches. Don’t know if notifying users is one of them.
I hope card tokenization becomes a normal soon, data breaches would be useless then.

Card Tokenization is the way to go forward. However, this is not about Jupiter’s own protection and database breach handling policies (RIP Mobikwik)

This is a suggested add-on feature for people to be aware of their email/phone number being associated with a possible breach - also posing a risk to their financial accounts.