🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

Lenders need OTP consent for KYC data access

Economic Times

Economic Times · 4m ago

Lenders need OTP consent for KYC data access

The Central KYC Records Registry (CKYCRR) mandates one-time password (OTP) consent for accessing KYC data, aimed at enhancing customer data security and trust in the C-KYC system. This requirement, effective from May 2025, means that financial institutions need customer OTP approvals for KYC data access. While industry acknowledges the security benefits, concerns arise over the need for system updates to handle OTPs, potentially complicating digital lending processes and customer onboarding due to the tight implementation deadline.

1

Related News

DPDP Act: parents prefer one-time consent for children's data

Economic Times

Economic Times · 9m ago

DPDP Act: parents prefer one-time consent for children's data

Around 77% of parents surveyed prefer a streamlined consent process integrated into platforms like app stores, reducing the need for constant approvals under the Digital Personal Data Protection (DPDP) Act 2023. This act requires parental consent for processing children's data and limits personalized content for minors. Concerns were raised about the current consent process being burdensome, particularly for low-income and first-time internet users. Additionally, the report highlights that 57% of parents feel restricting personalization would negatively impact their child's online experience, while 63% of children feel uncomfortable needing parental consent for every app or feature. A flexible and one-time consent mechanism is recommended to streamline children's internet access and balance content personalization with data safety.

ETtech Explainer: What the draft rules mean for your personal data

Economic Times

Economic Times · 7m ago

ETtech Explainer: What the draft rules mean for your personal data

The Digital Personal Data Protection (DPDP) Act's draft rules, released by the government, outline new obligations for handling consumer data, emphasizing user consent, data duration, and deletion. For minors, parental consent is now required for social media access. Data localization mandates retention of personal data within national borders. Entities must ensure data protection and notify breaches. Significant data fiduciaries are tasked with annual impact assessments, reporting to the Data Protection Board, impacting how data management procedures are conducted.

Privacy activist Schrems files complaints against Google's Fitbit

Economic Times

Economic Times · 1y ago

Privacy activist Schrems files complaints against Google's Fitbit

Vienna-based advocacy group Noyb has lodged complaints against Google-owned Fitbit in Austria, the Netherlands, and Italy, alleging violations of the EU's GDPR privacy rules. Noyb, led by Max Schrems, has previously targeted tech giants for privacy breaches. Fitbit is accused of breaching GDPR by forcing users to consent to data transfers outside the EU and not allowing withdrawal of consent. Noyb seeks mandatory data transfer information sharing and app access without transfer consent. GDPR violation fines can reach 4% of global revenue. Fitbit's policy to withdraw consent requires account deletion, erasing health data.

DPDP Act draft rules: Social media users under 18 to require parental consent

Economic Times

Economic Times · 7m ago

DPDP Act draft rules: Social media users under 18 to require parental consent

India's new Digital Personal Data Protection Act mandates children under 18 require parental consent for social media access. Draft rules categorize data fiduciaries into e-commerce, gaming, and social media, requiring inactive user data deletion after three years. In case of breaches, fiduciaries must notify both the Data Protection Board and affected users within 72 hours. The rules encourage flexibility in obtaining parental consent and propose potential data localization requirements, with stakeholder feedback invited until February 18.

DPDP Rules: Furore over leeway to some companies on use of kid’s data

Economic Times

Economic Times · 1y ago

DPDP Rules: Furore over leeway to some companies on use of kid’s data

Digital privacy and cybersecurity experts, as well as lawyers, have raised concerns about the introduction and definition of a "consent artefact" in the proposed Digital Personal Data Protection (DPDP) Act. The concept of a consent artefact, which would be a machine-readable electronic record, has raised questions about how consent can be located and revoked. Experts also highlighted issues with the use of digital lockers for age verification and exemptions for educational institutions and healthcare establishments concerning the processing of children's data. The need for risk-based classification and exemptions was emphasized.

Meta flags DPDP Act clauses, seeks government collaboration

Economic Times

Economic Times · 4m ago

Meta flags DPDP Act clauses, seeks government collaboration

Meta has raised concerns over India's Digital Personal Data Protection (DPDP) Act, specifically regarding restrictions on profiling minors, data localisation, and verifiable parental consent. The company emphasizes the importance of personalized experiences and cross-border data transfers in the digital economy. Meta seeks collaboration with the Indian government to balance safety and compliance. Additionally, the company highlights the need for nuanced age-based consent and acknowledges India's pragmatic approach to AI regulation using existing frameworks.

MSME fintechs steal show as consumer lending loses fizz

Economic Times

Economic Times · 1y ago

MSME fintechs steal show as consumer lending loses fizz

Digital lenders focused on unsecured small business loans are gaining traction as regulatory actions and changes in macroeconomic conditions make unsecured consumer loans less appealing. Companies such as Indifi, Lendingkart, Aye Finance, and Kinara Capital are expected to benefit in the MSME lending space. Large private banks are collaborating with fintechs to tap into the underbanked unsecured business credit market. The simplification of MSME registration allows banks to classify these entities easily for priority sector lending. Delinquency rates have dropped, prompting lenders to shift focus to the MSME sector. Challenges include the need for physical KYC and the cost it incurs for digital lending operations. However, fintechs in this space are showing stronger financials, attracting traditional lenders for co-lending partnerships.

Mutual fund KYC March 31 deadline: Existing investors get some relief

Money Control

Money Control · 1y ago

Mutual fund KYC March 31 deadline: Existing investors get some relief

Mutual fund investors received a last-minute extension to revalidate their know-your-customer (KYC) records, allowing them to continue transactions without interruptions. Existing investors no longer need to redo their KYC for their current investments, but they still need to validate their mobile number and email ID. New investors must complete KYC based on officially valid documents specified by the KYC registration agencies. However, there is a lack of clarity regarding communications from registrar and transfer agents (RTAs) and KYC Registration Agencies (KRAs), leaving out direct plan investors.

75% consumers unaware of masked Aadhaar as identity proof: survey

Economic Times

Economic Times · 10m ago

75% consumers unaware of masked Aadhaar as identity proof: survey

Over 75% of surveyed individuals are unaware that a masked Aadhaar is a valid proof of identity. Additionally, 72% are uninformed about the rules regarding handling minors' data and the need for parental consent. These findings are part of a report by PwC, which also revealed that only 16% of consumers are aware of the Digital Personal Data Protection Act. The report emphasized the need for greater awareness about personal data rights and highlighted concerns over data breaches. It further revealed that organizations have been slow in understanding and implementing the data protection act.

Worldcoin fails to get injunction against Spain's privacy suspension

TechCrunch · 1y ago

Worldcoin fails to get injunction against Spain's privacy suspension

Spain's data protection authority, the AEPD, has been granted an injunction against controversial eyeball scanning startup Worldcoin. The temporary suspension was ordered due to concerns over the collection of biometric data, specifically the risks to individuals' rights and freedoms, including those of minors. The Madrid-based High Court supported the AEPD's decision, emphasizing the need to prioritize the public interest. Worldcoin's services will remain suspended in Spain for up to three months. The court also highlighted concerns over the validity of legal consent claimed, lack of information provided, and issues with personal data deletion and withdrawal of consent.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

June 2025

Helping your parents when you are miles away

The Pit Stop Your Cravings Deserve

The next generation E-commerce platform

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

Just Months After Promotion, Open ...

Microsoft locks down a building a ...

Gaming Ban Stumps Cricket: Virat ...

Download the medial app to read full posts, comements and news.