Privacy Concerns Surrounding Telegram’s Peer-to-Peer SMS Login Service, Experts Warn

Privacy Concerns Surrounding Telegram’s Peer-to-Peer SMS Login Service, Experts Warn

Image Credits: Bryce Durbin/TechCrunch

Telegram has introduced a controversial new feature that grants users a free premium membership in exchange for allowing the instant messaging app to utilize their phone number as a relay for sending one-time SMS passwords to other users attempting to log into the platform, raising concerns about potential privacy risks and the exposure of personal information.

The feature, spotted first by the TGInfoEn Telegram channel (via reverse engineer AssembleDebug), is rolling out in select countries for Telegram for Android users. If you agree to let Telegram use your number as an OTP relay, the company will send you a transferable code for Telegram Premium.

The terms of service for this peer-to-peer login program notes that the company will send a maximum of 150 OTP messages per month. Participating users, who may also be charged for local and international SMS usage, will have to hit a certain quota to be able to avail the complimentary subscription. From a monetary perspective, you might end up paying more through your phone bill than the value of Telegram’s premium membership.

Then there is a massive issue of privacy, which allows strangers to look up your number and use it for spam and fraud. Telegram allows users to hide their phone numbers from strangers, but using your number as a relay could allow them to look up your Telegram account.

The terms indicate that people participating in the program won’t hold Telegram liable for any damages and give the company absolute indemnity from all claims related to peer-to-peer login.

“You acknowledge and agree that Telegram shall bear no liability for any costs, expenses, damages, or any other adverse or otherwise unforeseen consequences that you may incur as a direct or indirect consequence of your present or past participation in the P2PL Program,” they read.

Telegram tells users not to engage with people who receive an OTP code from their number, but there is no way to enforce that.

The company launched a subscription service two years ago with features like transcription, exclusive stickers, reactions, and other customizations. Telegram has introduced features like Stories for paid users. However, users opting into the peer-to-peer login system have to think if giving out their phone number to strangers to save a few bucks is worth the hassle.

Source Reference

Latest stories