When I read the news of someone using a fake paytm payment receipt generator App to cheat the shops buying goods but not paying actual amount, I got quite surprised and decided to dig into which are these apps and can someone really use it to do fake payments? Plz keep in mind that my study is limited to educational and research purpose only and I strongly recommend refraining using such apps for illegal or unethical purpose.
So lets begin by going through the news which attracted my attention !
Fake Paytm payment receipt generator app used to dupe stores!
2 students held for using fake Paytm to dupe supermarket store of Rs 30,000
Shopkeepers duped of Rs 7,000 by using fake Paytm app
Fake Paytm app used to con shopkeepers in Hyderabad
Now if you read the news carefully you will get names of fake apps which can help you generating the payment receipts without using actual paytm app! Again note that this is illegal use and those people using it got jailed by police, so do not ever think and attempt it.
These Fake apps are not available on Google Play Store
First thing I did is searched on Google play store for fake paytm payment apps and found that no such app is available on the official google play store!
It clearly shows that Google does not support any such activity which can encourage illegal activities, which is really good gesture from Google.
So I went on and Googled it for any such App available on other websites and found similar apps.
I downloaded most of them and found that only one is working find which is called as Spoof Paytm App, all other apps were asking for unnecessary permissions like using the phone book, calling permissions, location services which I felt totally irrelevant and suspicious, so I uninstalled such apps immediately.
So I downloaded the following apps and tried / tested it on my mobile
WARNING:
I took care to use a Android mobile phone which is formatted and do not have any contacts and financial apps / information available so as to protect myself from any damage using Apps out of Google Play store.
I also suggest you not to try installing any unknown apps on regular use mobile, since it can cause damage by stealing important information from your mobile phone.
So lets have a look at the first App that I tried –
Spoof Paytm APK – download link
Out of all apps downloaded the Spoof Paytm app works as it says, what I mean that it does generate a Paytm fake payment receipt copy which looks exactly same as the real Paytm payment receipt.
All you have to do it download and install the App.
Also this app does not ask for any extra permissions from you for location or contacts etc. which I felt comparatively safe to try for.
After you open the App, all you have to do it enter the Name, Phone number (to which you are going to show payment), amount paid, wallet balance – and after you press submit button, it immediately shows a fake payment receipt, precisely looking like a real receipt!
Again one more time I would like to WARN you from using it for any illegal or unethical purpose
The second app I came to know through the news (refer to both news I have given at the beginning of this post) is about Paytm Prank app, hence I Googled for this app and downloaded it.
Paytm Prank Apk – download link
This App does not work at all
First bad thing about this app is that it asks for permissions for making phone calls as well as know location of your device, so looks like a Spam app.
Anyway since I loaded it on a mobile which does not have any contacts or important data, I gave permissions to get location and call permissions to the App.
However it does not work at all? It stuck to the main screen and do not give any further options to generate a payment receipt.
Why its possible that people used fake paytm app to deceive shopkeepers?
Since Paytm is used and accepted widely, most of the people including me, prefer to use Paytm at shops. This surely saves burden on CASH carrying to buy things.
My own experience is that many times when I show my mobile screen of payment successful the shopkeeper gets convinced and do not bother to check in his mobile for receipt … in some cases he checks but due to his mobile internet connectivity issues or tower signal poor, he is not able to verify if he has received the payment or not.
Sometimes the mobile number is the owners phone, and he has gone somewhere, so worker in shop do not have any way to verify the payment, but to believe what the customer showed him as confirmation of payment.
Now this is where the catch is!
If you see all the three news I have shared in the beginning of post, you will realize that due to many practical reasons, there are many chances that someone can simply use some fake app to generate fake payment receipt, show it to the shopkeeper and get the goods for FREE! and by the time the shop owner is aware that he is duped, he can’t do anything at all .. since there are no records kept of mobile number etc …
Take an example of Spoof Paytm App … if someone slightly modifies it to read the QR code and populate the required fields like name and phone no etc .. then what?
In fact when I loaded Spoof Paytm App . .I found that it is really easy to generate fake payment receipt in seconds and shopkeeper will get fooled with the originality of mock receipt!
The app is able to read the QR code and display the phone number.
The App also generates fake random Transaction Txn ID and adds to the receipt!
The complete UI looks precisely like original Paytm App!
I will say this is same as someone using fake currency, only this way is fake digital currency.
What is Solution ?
From the Shop owner side
I think the solution is taking similar actions we do for the fake currency.
Yes, check and confirm.
The shop owner must ensure that he is able to receive payment notification. If not, he should not accept digital payments from customers.
Another option is that the apps like Paytm, shall enable providing notification of alternate mobile numbers in case main mobile is out of range or authorize two mobile numbers against one business account, at least for notifications.
One more option is to record customer mobile number and confirm by calling upfront, this will ensure that he is able to call the customer later, in case payment is not received.
From Paytm side or any other payment app side
Block such apps from Google App store – However I found that even such apps are removed from the official Google App store, they are available on other websites for download. I am not sure how this can be banned, however I believe that requesting Google can make them disappear from the Google web search .. and once they disappear from Google search .. practically they will be useless …
references for this post are taken from –
how to create fake paytm receipt with 100% proof – note – This thread is archived by Reddit
fake paytm app – payment receipt generator