How to hack RelianceIndiaCall.COM Calling Card

WARNING: I am not advocating hacking RelianceIndiaCall. I am just trying to point out the flaw on their site, in hope that they would fix the issue.

RelianceIndiaCall.com is the premier site for calling cards to India. Though their per minute charge (around 12 cents/minute) is bit higher than what you find on other calling cards site, but their calling card quality is top notch. 99% you get your call through at first try and there are no connection fees per call like other calling cards. Overall, a great service which I highly recommend.

Inspite of the great calling cards, their website SUCKS, it sucks big time. One of the biggest problem with RelianceIndiaCall site is that it’s such an easy target for hackers! To login to their website, you use your cell phone number and 4 digit PIN. Yes, cell phone number and a 4 digit PIN! Getting a desi’s cell number is an easy thing. Once you have cell phone number, you can write a script which tries PIN starting from 1000 to 9999 for given number. I think any web developer can write such script in 10 mins. RelianceIndiaCall.com stores user’s credit card information (thankfully it’s not visible) and if you wish, you can charge someone’s account by $100 or so! Obviously, you can use the PIN to make calls to India.

Moral of the story: If you have RelianceIndiaCall account, keep checking your account for any malicious activity.