Talk about government projects in India, and most people sigh in resignation. Government projects have traditionally been beset with dysfunction, delayed timelines, and substandard execution, and private companies have made the most of the opportunity. But the government’s BHIM app, used for making transfers over UPI, is doing things very differently.
On 6th January, a week after the app was released, a Facebook user wrote a detailed post about why he felt the BHIM app was insecure. “The following post is not to malign or shame the Government or any agency, but to make them aware of the risks in the cyber security domain,” wrote Sameep Agarwal on Facebook. He then outlined why he thought the app had serious security flaws. He said that the app was not written in native code, its crypto(graphy) was non existent, the code wasn’t obfuscated, the app had commented code, and had issues which could lead to data leaks.
By this point, the BHIM app was already gathering momentum. It had already been downloaded over a million times, and was very much in the public eye. Agarwal’s post was subsequently shared by several large Facebook pages, and eventually went viral. People began sharing the post, voicing concerns about the app.
Now it’s hard to get the government to usually comment on individual concerns of the public. There’s usually too much feedback, and its easy to get overwhelmed when your product is being used by millions of people. But on the very same day that Agarwal had created his post, BHIM’s official Facebook page put out a detailed clarification.
The post was published at 10:20 pm, less than 12 hours after the original post had been created. And it wasn’t written by a social media intern – the post delved into the details of the technology behind the app, and served to allay the concerns. What’s more, the post even admitted a mistake – Agarwal had pointed out there was uncommented code in the app which could slow down performance. “Thanks for the feedback. We will look into removing the commented code and reduce size,” BHIM app replied.
Now anyone who’s dealt with a government organization would know that this isn’t how the typical interaction with government employees works. Getting a response is rare; getting a detailed response in which you’re thanked for your feedback is even rarer. And this shows that BHIM isn’t being run like a typical 9-5 government office. There was someone manning the social media handle at 10:20 pm who sent out the response on its official Facebook page.
And the results are showing. BHIM has already been downloaded over a crore times, and still retains a solid rating of 4.0 on the Play Store. Within 10 days of its launch, its left private competitors, such as Flipkart’s PhonePe, HDFC’s UPI behind. And that’s perhaps down to the way the organization is being run. If your tech team and customer service can start acting like they care about their products, government agencies can compete with private players – and beat them at their own game.