How Truecaller might have cost this Nigerian user over $13,000

November 4, 2019
4 min read
Truecaller airtime

The ability to block strange calls, SMSes, and spammers has made Truecaller increasingly popular with mobile users. But rising privacy issues and perceived exploitation of users data have people around the world raising their eyebrows.

A couple of days ago, Truecaller user Chika Obuah, a systems engineer and director at Czoid, sent a query to the app’s support platform on Twitter asking why promotional text messages were sent to his contacts without his knowledge or authorisation.

In response to the tweet, Truecaller claimed that he might have mistakenly triggered the auto-invite feature by clicking on the referral programme when it popped up on his phone.


“When you click on the referral notification and click OK, an invite is automatically sent to a non-Truecaller user in your contact list,” reads the response.


However, Chika denied ever signing up for the referral programme since he started using Truecaller in 2015.

He also pointed out that he never clicked on any notification about the referral program.


Clearly and unequivocally, Chika narrates his ordeal to Techpoint.

“It was on the 26th of October, around 3:38 p.m. Nigerian time, I just checked my phone only to discover that promotional text messages had gone out to random contacts, using my airtime,” Chika recalls.

chika obuah screenshot
Sample SMS Truecaller sent to one of Chika's clients/contacts

Worse still, the fact that these messages were sent to some of his professional acquaintances and clients, called his professionalism into question. Chika claims they may have cost him deals worth up to ₦5 million ($13,807).

“Since they didn’t send to all my contacts but selected just a few, I started to wonder how they came up with that list and who gave them authorisation,” says Chika.

His ensuing confusion prompted him to check the app permissions where he saw the long list of features the app has access to -- including his phonebook and SMS app -- to which he had unknowingly granted Truecaller on installing the app.

truecaller permissions

Chika insists that the referral programme could not have been activated erroneously because it is not easy to find within the app. He also claims that no one who could have triggered the app’s auto-invite had access to his phone during this period.

A closer look at the Truecaller app reveals that it would indeed take a series of very deliberate actions to activate the referral programme though, once in a while, ads pop up on the phone’s notification bar which could be clicked on by mistake.

WhatsApp Image 2019 11 02 at 4.46.19 PM
Pop-up notification ad that could inadvertently sign a user unto the Truecaller referral programme

In response to our inquiry, Truecaller firmly maintains that from its investigation, Chika actually entered for a referral programme a while ago but cannot tell if he triggered it manually or not.

"This seems like abnormal behaviour and we are investigating this further with the user. Since we have not seen any other users reporting the same issue within this time frame, Truecaller users don’t need to be concerned about this."

However, the issue does not appear to be exclusive to Chika or even to just Nigeria.

Another user from Bangalore, India made the same complaint and claimed to have heard of multiple complaints by other users.

Screenshot 37

Reportedly, it is not news that the caller app executes such random acts without the consent of its registered users.

In July 2019, Truecaller users in India experienced acts that amounted to a serious privacy breach and the possibility of this being a recurrence is high.

Reportedly caused by a bug, the app automatically created IDs for its users with India’s Unified Payment Interface (UPI) -- an instant payment system for interbank transactions -- without their consent.

Suggested Read: NITDA investigating alleged privacy breach by Truecaller

All of this comes on the back of an investigation by the National Information Technology Development Agency (NITDA) into the allegedly unfair amount of user data the Scandinavia-owned app has access to on installation. For now, it seems users might have to critically read Truecaller’s privacy policy and decide on the best way to tread, going forward.

Journalist feasting on tech, business, and policies. Looking to chat? Catch up with me, @eruskkii, on Twitter or send a mail to [email protected]
Journalist feasting on tech, business, and policies. Looking to chat? Catch up with me, @eruskkii, on Twitter or send a mail to [email protected]
Subscribe To Techpoint Digest
This is A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day! 
Digest Subscription

Give it a try, you can unsubscribe anytime. Privacy Policy.

Journalist feasting on tech, business, and policies. Looking to chat? Catch up with me, @eruskkii, on Twitter or send a mail to [email protected]

Other Stories

43b, Emina Cres, Allen, Ikeja.

 Techpremier Media Limited. All rights reserved