The company behind one of China's most commonly used online payment applications claims it has fixed the application's security vulnerabilities and raised the security level on Tuesday after receiving complains from netizens.
Sina Weibo users on Tuesday said Alipay, Alibaba's payment application, suffers from a security flaw which allows people who have information about Alipay users to log into the users' accounts and make payments without entering the passwords.
Alipay told the Global Times on Tuesday that it has raised the application's security level Tuesday morning, which fixed the security flaw, and said it has also applied a verification process for those who claim to have forgotten their passwords.
At present, users can retrieve their passwords after they successfully recognize their Alipay friends and recently purchased items, Alipay told the Global Times, adding that people cannot retrieve their passwords on other gadgets.
Alipay also said it only allows users to retrieve their passwords after recognizing their Alipay friends and recently purchased items under certain situations. The additional security measure requires users to enter a verification code sent by Alipay via a text message, the company said.
For users who cannot receive text messages or changed their phone number, Alipay said it would evaluate the risk. It said that if it feels the security risk is high, the user will be allowed to retrieve his password if he successfully answers security questions.
Alipay said users can only retrieve their login password, not their payment password. It added users will be notified if their accounts are logged into other gadgets.