• Hey there! Welcome to TFC! View fewer ads on the website just by signing up on TF Community.

Data piracy by CRED

Reader mode
CRED also works without Email access. Get's information of transactions from SMS.
 

Attachments

  • Screenshot_2025-08-17-11-32-38-207_com.dreamplug.androidapp-edit.webp
    Screenshot_2025-08-17-11-32-38-207_com.dreamplug.androidapp-edit.webp
    68.1 KB · Views: 14
HumorSimpson said:
Messages like bill amount is ok as it already had our last 4 digits of cc. But if it sends cb, rewards earned too then thats a problem
Click to expand...

Snoop Jim Carrey GIF by Laff

CRED is checking on our mobile 24/7
 
For iOS users, you can restrict CRED from accessing your SMS messages and CRED won't be able to do anything (like demand you give access to SMS). If you have already removed e-mail integration, this additional step prohibits CRED from snooping into your messages.
 
I haven't gone through the thread, but they absolutely open the statement in your mail.

I don't know what you thought you were giving email access for when you did. It's for reading statements. ICICI doesn't even mention the amount and due date in their emails.
 
Apply For LTF Axis Bank Credit Card
Cred is very helpful for those ppl handling multiple credit cards and payment due dates. It also gives alert through WhatsApp, It is up to us to decide whether to provide email access or not. It also helps us to identify hidden charges and also Annual fee reminder can be tracked using cred protect alerts. If due date is near it gives critical reminders..
 
akshayhs said:
For iOS users, you can restrict CRED from accessing your SMS messages and CRED won't be able to do anything (like demand you give access to SMS). If you have already removed e-mail integration, this additional step prohibits CRED from snooping into your messages.
Click to expand...
True that. Apple devices have security protections unlike any other. For example, for OTP SMSs, merchants like Amazon, Swiggy etc can auto-access only the 6-digit OTP, not the entire SMS, including details like remaining credit card/bank account balance etc, like they can on other platforms.
 
Yup. CRED reads all your statements. They will also detect hidden charges like Yearly renewal charges and display to you. The moment you give access to email it's done. That's why they always renew access to email from time to time. This will be my last month on CRED. Moving completely to excel sheet and I know due date of each card anyways.
 
HumorSimpson said:
And why do you want to do that ? Typical apps like phonepe which read sms aren't enough ?
Click to expand...
True but I prefer to give SMS permissions to as few apps as possible. I turn off the SMS permission as soon as first time registration is done in bank/fintech apps
I have most banks apps and few UPI apps installed and they work just fine without SMS permission. The apps that don't start without the SMS permission in my phone are imobile and kiwi. And from the permission history logs, they seem to be accessing it atleast daily once which is more frequent than they need to...

Also to just get the payment reminders, you can just enter your phone number and last 4 cc digits to apps like paytm, phonepe, sbi unipay site .etc and they will remind you without needing sms permissions
 
Apply For LTF Scepia Credit Card
gautamcool said:
True but I prefer to give SMS permissions to as few apps as possible. I turn off the SMS permission as soon as first time registration is done in bank/fintech apps
I have most banks apps and few UPI apps installed and they work just fine without SMS permission. The apps that don't start without the SMS permission in my phone are imobile and kiwi. And from the permission history logs, they seem to be accessing it atleast daily once which is more frequent than they need to...

Also to just get the payment reminders, you can just enter your phone number and last 4 cc digits to apps like paytm, phonepe, sbi unipay site .etc and they will remind you without needing sms permissions
Click to expand...
As per NPCI, SMS permission is mandatory...UPI app does not work without SMS permission...Can u pls share which UPI apps are working without SMS permission
 
sunit123 said:
As per NPCI, SMS permission is mandatory...UPI app does not work without SMS permission...Can u pls share which UPI apps are working without SMS permission
Click to expand...
Yes they are needed only during first registration. Not always
Also as per NPCI, UPI apps need SMS permission to just send a single SMS while registration. Unfortunately in Android there's still only a single control for both read and write SMS
And I don't trust the apps including banking ones to not use/sell my data for ads

The following day to day UPI apps in my phone that work without SMS permission are,
cred
gpay
paytm
bhim
phonepe
Samsung wallet
hdfc bank app old
idfc first app
 
Reader mode
You must log in or register to reply here.

Similar threads

sunit123
  • Question Question
CRED data Stolen: 4 from Gujarat arrested for siphoning off Rs 12.5 cr from Bengaluru-based fintech firm CRED
Replies
3
Views
342
Gau₹av
Gau₹av
TechnoFino
Shocking! My Bank Shared My Personal Data Without Consent
Replies
20
Views
1K
moneyMaker
moneyMaker
plastikman
Be careful with CRED Payments - CRED paid to Wrong Card Account
Replies
21
Views
2K
messypenguin
M
papimann
BOB Credit Card Payment showed successfull on Cred for 6 days and then it failed and reverted back leading to delay of 3 days in payment.
Replies
5
Views
291
IDontThinkSo
IDontThinkSo
D
Cred app bug
Replies
3
Views
644
ccdc
C
Back
Top