NEW DELHI: Hackers and fraudulent customers have stolen Rs 7.38 crore by tampering and manipulating the authorisation process of Razorpay Software to authenticate 831 failed transactions, according to a police complaint lodged by the payment gateway company.
In his complaint to the South East Cyber Crime Cell lodged on May 16, Razorpay's Head of Legal Disputes and Law Enforcement Abhishek Abhinav Anand said the company was unable to reconcile receipt of Rs 7.38 crore against 831 transactions.
On contacting its 'authorisation and authentication partner' Fiserv, a fintech and payments company, it was communicated to Razorpay that these transactions had failed and were not authorised or authenticated, the complainant said.
Following the communication from Fiserv, Razorpay conducted an internal investigation and found 831 transactions against 16 unique merchants of Razorpay, from March 6 to May 13 this year "to a tune of Rs 7,38,36,192", the complainant said.
"These 831 transactions were marked as failed or unsuccessful by Fiserv, owing to authentication and authorization failure. However, it is found out that certain unknown hackers and fraudulent customers have tampered, altered and manipulated the 'authorization and authentication process'…," Anand said in his complaint.
Due to this, false altered communications as 'approved' were sent to Razorpay system against the 831 transactions, resulting in losses to a tune of Rs 7,38,36,192 to Razorpay," Anand further said.
On receiving the false altered communications, Razorpay further sent a confirmation to their merchants for the fulfilment of the order and made settlements to its merchant, he stated.
In this connection, Anand furnished the details of the fraudulent transactions along with the date-time and IP address, along with other relevant details to the police for inquiry.
The police said they are investigating the matter.