When we apply IPO from ZERODHA, the application number generated starts with Unique Client Code. This is not good for Privacy of the clients of ZERODHA. I think ZERODHA should take action on this and provide unique IDs instead.
E.g GROWW IPO application numbers starts with GROWWxxxxxxxxx like that.
I feel ZERODHA should implement such unique IPO ID to protect client privacy. Thank you.
The application number is not available publicly. You can see it on Kite & your UPI app while accepting the mandate payment request. Since these are always UPI collect requests which take a few minutes to reach you - the unique ID helps you identify that the request has come from your account itself.
Could you elaborate on why you feel privacy could be compromised in this flow? If there is a cause for concern, we will definitely engage for a fix to it.
Thanks a lot for your quick reply.
Yes, the application number is not shared publicly but it goes through the whole IPO ecosystem i.e Exchanges, Registers/RTA, Banks etc. And employees are backbone of those ecosystem even though many parts are probably automated. While I hope there are strong NDA for each of those companies, still the present Zerodha IPO application format expose the UCC unnecessarily to the whole system. SO, we never know how or when these information get exposed. Thats a concern.
Regarding your point of convenience, I have two scenarios.
- Multiple IPOs at same time like Lat week : For a single applicant like me, I have to anyway check the Application Nos before approving Bids in UPI. Even tough the Application no starts with UCC, rest are unique. So no way to differentiate other than carefully looking into the who number for UPI. So, UCC makes no sense.
So, even if the IPO application number starts with for e.g. (ZERODHA)xxxxxxxxxx or (COMPANY NAME)xxxxxxxxxx makes no difference than format (UCC)xxxxxxxxxxxx while not exposing UCC to the system. - Most importantly from today Third Party Applications are banned (Big Thanks to SEBI). So, every applicant has to approve UPI from their own Mobile
So need to distinguish if I am approving UPI for my application or Third party will not arise. So, here also Application no with UCC doesn’t make any sense.
Btw: Never applied third party, always applied from own Family members UPI. Have gone through long process of Fund transfer, Application by UPI, again re-transfer back after IPO. So, Big Thanks to SEBI for small investors like me for banning Third party from Today. A new dawn in Indian Primary market.
The depositories and exchanges already get the entire set of KYC information from the stockbrokers to perform validations. It is true though that all entities handling information should have stringent privacy policies.
Splitting the 1st scenario into two parts:
-
In case I apply for two IPOs, and I receive two separate mandates - I will be able to check which is the IPO company in the mandate recipient VPA. My application number helps me validate that both the mandates are from my account.
-
In case I apply for two separate categories in the same IPO - Although, without checking on Kite, I won’t know which mandate is for which category, I can still be assured both mandates are mine.
Third-party applications have always been liable to be rejected by the RTA. There isn’t a restriction on the mobile you can use as such, btw. However, in case a third person applies from their account using your UPI ID and you have accepted the mandate mistakenly assuming it to be yours, your funds will remain blocked. The RTA may reject it during allotment but we have found certain cases where the validation has failed and allotment has been made based on third-party blocks.
Will be open to any other views on this from the community here.