The BHIM app allows users to make payments using the UPI application. This also works in collaboration with UPI and transactions can be carried out using a VPA. One can link his/her bank account with the BHIM interface easily. It is also possible to link multiple bank accounts. The BHIM app can be used by anyone who has a mobile number, debit card and a valid bank account. Money can be sent to different bank accounts, virtual addresses or to an Aadhaar number. There are also many banks that have collaborated with the NPCI and BHIM to allow customers to use this interface.

How to use BHIM app ?

1. Download and install the BHIM app
2. Choose a languagep
3. Register for the service by providing mobile number linked to bank account
4. Add bank-related information and set up a UPI PIN by following the given instructions.

Send Money

The option is simple to use. Tap on it > enter the phone number of the person who is going to receive the money. The number will be verified and if a UPI/BHIM account has been set up for that number, the app will accept the number and will take you to the next screen where you can put in the money and send it.If there is no number or UPI ID, you can also send the money using Bank Account + IFSC code. To access this option, click on three dots (settings) on the send money page.

Request Money

Again, tap on the request button. Put in the number, let the app verify it. Once the verification is done, you can request the money.

Scan and Pay

This is the place where QR codes come into picture. The app generates a QR for every user, which can then be shared or printed and pasted. To make a payment to the QR code owner, just scan it and pay.

Threats to BHIM app

SQL injection vulnerability

SQL stands for Structured Query Language, used to communicate with a data-base. The code is written us-ing SQL inline method, which is largely considered an inse-cure way of storing data.

Denial of services’ attack

Hackers flood servers with fake transactions to bring them down. The app allows a user to have sender and re-ceiver’s account as the same, which means one can contin-ue to send small amounts of money to his or her own ac-count, without making any real transaction but in the process, possibly clogging the system if other controls are not in place--something that may lead to a Denial of Service attack.

Best practices for users to remain safe

The steps to be taken care to protect yourselves from financial fraud through BHIM App.

1. Check the payment collect request details with the merchant before making the pay-ment
2. Be sure to keep UPI based Apps updated.
3. Make sure you transfer money only to known beneficiaries