[ UPDATE 24/08/2020 17:22 ] A spokesperson for Grab has reached out with an official statement:
We refer to reports on hacking and stolen jobs that were inaccurate and misleading, hence we would like to reiterate our statement and correct certain facts. There are no HACKS, JOB STEALING AND PRIVACY RISKS on the app.
We are aware that there have been a small number of unethical driver-partners who have been using illegitimate tools to exploit other means to gain unfair advantages over job allocations. We take fraud seriously and will not hesitate to suspend driver-partners who use illegitimate tools and apps. Hence we have been working closely with our driver-partner community to educate them that such tools are unfair to the majority of our honest and hardworking driver-partners.
These illegitimate tools only threaten the personal data stored in driver-partners own mobile devices, and we have informed our driver-partners of the risks. We would like to assure you this does not compromise the safety and security of our platform and passenger account.
We have invested heavily into building advanced anti-fraud technology that has allowed us to proactively detect and prevent such activities and to keep our platform safe and secure. But the fight against fraud is never-ending, which is why we will continue to develop technology powered by machine learning and have dedicated specialist tech team focused on anti-fraud efforts.
We appeal to driver-partners to continue informing us of such activities so that we could investigate and protect their income.
======
A spokesman for e-hailing giants Grab has explained to FMT that certain drivers—or “driver-partners”—on the app have been illegally stealing bookings from other drivers on the platform. This is done by using “illegal tools” and modified versions of the Grab Driver app, and gives the offending drivers the chance to cherry pick rides/bookings that may be more profitable.
One driver reportedly revealed that bookings for long distance trips, where fares can go beyond RM30, are the ones that are most commonly “stolen”. When a booking is stolen, the victim driver then receives a cancellation notice on the Grab app within 15–30 seconds. And it happens often, too, with the driver explaining that the problem has occurred four times within the last two months.
The same driver also said that offending drivers’ modified apps only work when they are in the vicinity of other drivers or customers; he also warned that a visible “glitch” may occur on passengers’ apps if/when a booking is stolen.
So, how does this work?
An educated guess would be that these modifications allow drivers to spoof their location (GPS data), among other things. The Grab platform allocates rides to drivers based on a number of factors, including location—although the algorithm has been updated over the years to prevent “gaming” of the system. This was especially prominent during early years in Malaysia, where big incentives were available to driver-partners.
Asia One also reports that something similar has happened in the past with private hire drivers in Singapore—including Grab driver-partners. However, Grab says that developers are working to prevent this from happening, with the company investing in “advanced” anti-fraud technology to ensure that the platform is “safe and secure”.
“However, the fight against fraud is never-ending, which is why we will continue to develop technology powered by machine learning and have dedicated data scientists focused on anti-fraud efforts.”
If you’re worried about your personal data stored in Grab, the e-hailing giants have claimed that these modified apps do not compromise the security of customers’ personal data. Modified versions of the Grab Driver app would have to be sideloaded—downloaded directly from a 3rd party server/site, as opposed to the Play Store—which could mean that personal data stored in the official Grab app is safe.
