Paytm Android App Asking for Root Permission, Company Says to Collect Mobile Details

Earlier this week, reports emerged that Paytm was found to be asking for root privileges on Android devices. Now, an avid user of Android would know that it’s very unlikely and questionable that a reputed brand like Paytm asks for root permissions from their users. The Paytm support team was then contacted by folks at Beebom on Twitter after this issue came to surface, and it was apparent that they didn’t have a solid justification for the trouble caused. Their reply turned out to be highly unsatisfactory. Paytm said that the app asked for root permission ‘just to gather details about the device and its OS version.’


Now, it’s fairly well known that even though apps require access to this information but Android has measures in place in their OS natively to cater to these requests from the applications. Given this fact, the asking of root access from the Paytm was an absurd request. To add to the problems, upon further enquiry the Paytm team stopped replying to the messages.

A simple google search on the term ‘root access’ will tell people that even though these permissions can be used to tweak one’s devices internally, they can also be misused against the users to obtain data and make undesirable changes to the device. There also exist other payment apps like BHIM which similarly ask for root access but eventually depend on the Android’s SafetyNet technology to get them the required information about the device and the Android version. Now it really becomes a concerning question that Paytm being a highly renowned brand in India, dealing in mobile payments where security is of the top concern, is asking root access from the users putting their security at risk.

Finally, this question could only be answered over twitter where this matter was taken up on by Baptiste Robert, a French security researcher who often takes interest in the security measures of Indian tech companies and is fairly known on Twitter as Elliot Alderson.

He contacted Paytm and raised questions about the root access issue. His conversation with Sr. Vice President at Paytm, Deepak Abbott ended with Abbott telling him that the app was requesting root access simply to alert the user. After some days, while the conversation kept going on Twitter Paytm finally managed to come up with an update which fixed the issue about the app asking about the root user permission.


Due to an upfront interference by Elliot Alderson, the issue was finally solved, and the app has stopped asking for superuser request, but it is disturbing even to think that it happened in the first place in a very large scale company which deals with millions of users. This obviously makes us wonder about the security measures these companies take to ensure user privacy and security. The ethical implications of the same can be very deeply inflicting.

We believe that Paytm is not the only company to put aside ethics and security aside in the race of payment companies. More brands like BSNL and Truecaller have also been in the limelight for all the bad reasons. So it can be concluded that when it comes to the question of data security, privacy and protection there are some very big flaws which are often overlooked in the Indian tech scene.

Almost every smartphone user in India knows about Paytm, being the leading mobile payments company in the country. Even though there has been tough competition from the likes of Google, Paytm has managed to retain its position on the top and has become favourite of the Indian users. But this fact doesn’t save Paytm from being surrounded by controversies. Paytm was also caught in a fight between Facebook on the issue of users’ data security but the payment giant itself hasn’t been too innocent when it comes to the security of its own users and their privacy.

Reported By

Leave a Reply

113 Comments on "Paytm Android App Asking for Root Permission, Company Says to Collect Mobile Details"


Sort by:   newest | oldest
Kiran Fernandes | Goa
March 12, 2018 7:22 pm 7:22 PM

Are you guys sure about this? I checked magisk supersu details and no paytm isn’t in the list. And about paytm update, all apps are updated and I’m on AEX(AOSP Extended) 8.1.0, and paytm never asked for root access.

Here’s the apps that have been granted root access.

Jyotirmoy Manna, Kolkata-Howrah
March 13, 2018 1:58 pm 1:58 PM

Which handset are you using with AEX and MAGISK?

March 14, 2018 2:15 am 2:15 AM

He is using Redmi Note 4!!!!!!

Priyansh Singh
March 14, 2018 8:31 am 8:31 AM

He yaa She?

Kaushik IMA
March 12, 2018 7:50 pm 7:50 PM

Paytm fixed the issue within 48 hours of first report.

Kiran Fernandes | Goa
March 12, 2018 10:19 pm 10:19 PM

Oh then that’s good on paytm’s part

Airtel User
March 13, 2018 12:10 am 12:10 AM

Thats like they tried to steal but then became saint.

Priyansh Singh
March 14, 2018 8:32 am 8:32 AM


Girish Gowda | BengaLuru
March 13, 2018 10:27 am 10:27 AM

They are just covering their own behinds.

March 12, 2018 6:06 pm 6:06 PM

Any alternative app to pay bills and fines besides paytm?

Airtel User
March 13, 2018 12:11 am 12:11 AM

Depends what kind of stuff you wanna pay simple debit card is good, then BHIM and if very specific ones then your bank wallet or airtel money and not airtel payment banks.

Priyansh Singh
March 14, 2018 8:33 am 8:33 AM

Both are one and the same thing. Every Wallet Entity has been subsumed by their Respective Payments Bank.

Airtel User
March 15, 2018 2:55 am 2:55 AM

No they are not atleast in airtel case.

Priyansh Singh
March 15, 2018 6:41 am 6:41 AM

Go and read their T&C’s. They’re Same Bro.

March 12, 2018 1:22 pm 1:22 PM

Google should be blamed first for providing that option in Android. But they don’t care (a lot) about security in Android as long as they get their advertising money from YouTube and from your usage data on your phone.

The programers these app development companies hire are a joke – at least when it comes to security consciousness, or they consider users as fools who know nothing. PayTM is known to be a shitty company anyway.

Airtel User
March 12, 2018 4:29 pm 4:29 PM

Its good you are speaking truth, android is not as secure as iOS.

Priyansh Singh
March 14, 2018 8:34 am 8:34 AM

So the Ice is melting. Good to see that. 🙂

Airtel User
March 15, 2018 2:56 am 2:56 AM

Ice ?

Priyansh Singh
March 15, 2018 6:43 am 6:43 AM

The Ice which was Frozen b/w you & DM is melting now?

March 12, 2018 10:20 pm 10:20 PM

You can jail break ios too. But ios is not as famous as android which works on Unix which I am sure every IT student would have leant.

Airtel User
March 13, 2018 12:14 am 12:14 AM

Sandy even after jailbreak its more secure compared to stock android. But if not jailbreaked then its the most safe OS out there, even FBI wasnt able to break into iPhone now every one know FBI !

Girish Gowda | BengaLuru
March 13, 2018 10:26 am 10:26 AM

Also not to forget the massive data breaches that take place on Apple quite regularly. Hackers toy with anything Apple.

Airtel User
March 13, 2018 7:07 pm 7:07 PM

Girish, do share links of such data breaches ?
FBI was never able to break into iphone in fact they hired third party after paying million dollars i.e. 6 crores rs to break into a single iphone. After this also it was partially accessed.

Girish Gowda | BengaLuru
March 13, 2018 10:25 am 10:25 AM

Who lied to you? FBI has access to all iPhones for over a year. They keep breaking it.

Priyansh Singh
March 14, 2018 8:37 am 8:37 AM

Haven’t you heard of that Case in America where a Pakistani National opened fire killing 13 People and FBI couldn’t unlock its phone. Even the Court rules that they can’t order Apple to unlock that phone. Then Apple took help of some other private Agencies.

FBI don’t have access to iOS.

March 12, 2018 6:05 pm 6:05 PM

Google cares less agreed. Paytm is shitty agreed. But even ios is crap. Apple itself takes all ur info much more than they shud. Basically, u r not safe with any OS for sure. No need to an android ios battle here.

Priyansh Singh
March 14, 2018 8:38 am 8:38 AM

+10 Atheist. If you share your data online with any company. They keep it with them for reference. Security Breaches happens when the servers of the company are maliciously attacked to leak data. Or someone deliberately want to do it.

Airtel User
March 15, 2018 3:00 am 3:00 AM

Mr priyansh not in the case of iphone as everything is stored on the device and not at servers also if you want to store something on icloud it can only be accessed by you, otherwise FBI wouldnt have spent 6 crore to hack a single iphone.

Airtel User
March 13, 2018 12:16 am 12:16 AM

People who havent uses iOS generally perceive it to be crap. They dont collect all is stored on the device itself and forget root premissions even truecaller dont get permissions !

Priyansh Singh
March 14, 2018 8:41 am 8:41 AM

+1 AU

March 13, 2018 10:52 am 10:52 AM

Ive owned iphone 5S. iOS is as shitty as android security wise.

Airtel User
March 13, 2018 7:10 pm 7:10 PM

Atheist its good you owned 5S but back then you knew how android was !!
I own iPhone X and its best phone out there and far more advanced then any android device. It was more secure then also today also and it will be in future also, you know it dont make up things.

Priyansh Singh
March 14, 2018 8:40 am 8:40 AM


Ruchit Shah (Gujarat)
March 13, 2018 8:47 am 8:47 AM

Very true.. all encryption is stored on the phone itself. Apple has already said that even we dont have any decryption key as it is stored on the device itself.

Priyansh Singh
March 14, 2018 8:40 am 8:40 AM


Airtel User
March 13, 2018 7:11 pm 7:11 PM

+1 ruchit but xiaomi vivos oppos dont get that thing “SECURITY”.

Priyansh Singh
March 14, 2018 8:39 am 8:39 AM

But they have Moonlight, Sunlight Selfie. 😉