Timtara.com is attracting negative publicity due to its pathetic approach towards consumers through delayed shipments of products, inefficient consumer support systems and lack of refunds
Despite several warnings and outcries raised by duped consumers, online shopping portal www.timtara.com continues to cheat. Consumers allege the website treats its buyers very rudely. The site neither offers cash-on-delivery, like other portals dealing with online shopping, nor does it deliver products in time to buyers, with innumerable complaints posted on Timtara’s own fan page on social networking website Facebook, as well as, on review websites such as Mouthshut.com.
The e-buying website has been attracting negative publicity due to its pathetic approach towards consumers through delayed shipments of products, inefficient consumer support systems and lack of refunds from the website. A Google search about the site throws up interesting results. Most of the complaints generated online, refers to delayed shipments of products.
In an e-mail to Moneylife, a disgruntled consumer Niraj Prasad explained that he had purchased a mobile phone Micromax A110 Canvas 2 worth Rs8,990 on 4 December 2012 from the website. His e-mail pointed out that the products, if delivered, are often found to be faulty and the website does not refund the amount to consumers. An inefficient consumer support mechanism chooses to ignore phone calls and refuses to resolve complaints launched by consumers. Consumers allege that the consumer support mechanism of the website seems to have a standard answer for all queries posed to them. Sadly, Niraj’s case is not a stand-alone case. There are numerous complaints, which are similar, across the Internet.
Disillusioned by the process of waiting for refunds, the consumers have now launched an online campaign and formed a group on Facebook. The dubious activities of the website and its unclear motives were also featured on a TV programme. In the programme, cyber law expert Pawan Duggal pointed out that consumers can launch complaints under Section 34 of the Consumer Protection Act.
Regular monitoring and complaints by consumers ensured that the activities of this website were also highlighted in some newspapers. Moneylife had earlier covered Timtara (please click here to read the article) and noted that even though various discounts were displayed on the official fan page of the website on Facebook, there were several complaints registered against the portal.
The National Consumer Helpline informed Moneylife that a consumer can lodge an official complaint with the company, of which a copy has to be retained with the complainant. If the company does not respond within the stipulated period of 10 days, the complainant can move court and the proceedings would be carried forward by the consumer court. An e-mail to Mr Amritlal Saha, chairman, Consumer Coordination Council from Moneylife received a response saying that the complaint has been treated on a priority basis and a copy of the complaint has been forwarded to Mr Suresh Sharma, the director of the Consumer Coordination Council and Mr Giriraj Singh, chief manager of Consumer Online Resource and Empowerment Centre of the Consumer Coordination Council. An e-mail to the consumer support mechanism has also been sent by Moneylife.
Nearly every person who owns a computer has bought something from the Internet at least once. The trend of online shopping has been rising rapidly. In the crowded space called Internet, consumers have a plethora of e-commerce websites to choose from. Shopping online has become a matter of convenience for working professionals as it offers greater variety of products and cheaper price deals. Unfortunately, sites like Timtara are ruining the party with their careless attitude and apathy towards buyers.
In our final piece on Herbalife, we find out how distributors have been let down by the company they gave several years to. Negative testimonials show how lives have been ruined by this multi-level marketing scheme and why regulators need to act soon
Bill Ackman, an activist and hedge fund manager, has gathered several negative testimonials from former sales people and distributors of Herbalife. The picture is not at all encouraging. While the 1% is consistently enjoying the riches of the 99%, most distributors have become poorer. They’ve now learnt their lesson, but perhaps too late.
Click here for part I which describes Herbalife’s dubious products.
Click here for part II which describes Herbalife business model.
In our previous two pieces on Herbalife, we described the products and the business propositions of Herbalife’s MLM scheme. We also pointed out from Ackman’s presentation that very few people actually make money from the MLM scheme, let alone get to the top of the pyramid. High-ranking distributors, some with no educational background, use dollar testimonials to showcase their rag-to-riches story and lure hapless distributors to the bottom of the pyramid. Herbalife simply exaggerates such stories.
But what is the reality out there? Many are left behind, make losses and have had their lives shattered. MLM expert Robert FitzPatrick, an expert on the subject, has said that it is very difficult to make money on MLMs. According to him, distributors must invest as much as $3,000 to $4,000 in their Herbalife ‘business’ to even achieve “sales leader” status (and be eligible for ‘rewards’). However, he found out that, on average, distributors make only $549 per year! This means that it would take at least five and a half years just to breakeven. Many distributors aspiring to move up the pyramid borrow money to make that $3,000 investment. Aside from this unnecessary debt, they also had mortgage payments, which made it even more difficult for them to manage their finances.
Read what the failed distributors who saw their life savings wiped out have to say about Herbalife.
Let’s start with someone who wished to remain anonymous. “I was a Herbalife distributor for five years and never made it past the supervisory level. I spent $55K+ trying to get to the Global Expansion Team (GET) level. I finally woke up in August 2004, after spending yet more money (for airfare, hotel and food) to attend a so-called five-day change-your-life meeting at one of the jokers’ homes in Scottsdale, Arizona. His so-called mansion was a modestly priced home with a huge pool and no backyard. I was so turned off and disgusted by the lies and puffery that I made my decision to immediately resign as a distributor. Too bad that it took me five years to learn that this was nothing more than a pyramid scheme.”
One testimonial of a husband-wife who joined the MLM is particularly revealing of its tactics: “Herbalife pressures, bullies, promises and pledges to support and help. We were lied to and basically left on our own. Even though we tried as hard as we could, our supervisor decided we were more trouble than we were worth. The only people that make money in this business are those who have an army of distributors under them and an unlimited income to flood the market with advertising and mass mailings of blue books. My husband and I were left thousands of dollars in debt, but much wiser.”
One person who is deep in debt and had moral doubts says, “I lost about $20K to them two years ago. I am still paying off the debt. I got out because I could not bring myself to do what they wanted me to do to make sales and recruit people. It just didn't feel right. Too many half-truths and blatant lies.”
Here’s another testimonial from a husband-wife distributor team: “My advice to anyone considering Herbalife is—don't fall for the emotional testimonies. And don't allow your money to fly away the way we did. Be smart and research all the facts independently by yourself first.”
Another distributor says, “For almost everyone who invests Global Online System (which sells Herbalife) turns out to be a losing financial proposition. I was losing money every single month in the business (from March 2002-March 2003) working 10 hours per day, but I had to lie on the stage that I was making large sums of money.”
Here’s another sad story about a couple who was brainwashed into thinking that they were the “best distributors” only to find out that the pressure to recruit and sell was too much to bear. Rob says, “I was conned all the way and now both my wife and I are ill, and splitting up because of the pressure. It's fine until the investment money runs out, then you are left to rot. We were told in eight months that we were the best distributors ever to enter his organisation. Now we're broke, ill and splitting up. Please look into this organisation and warn people they need $200,000 minimum to make it work.”
The number of negative testimonials says a lot about Herbalife, its dubious business model and the way lives are ruined. You can read the rest of the testimonials here.
Herbalife is, of course, thriving in India. One of the biggest malaises in our country is regulatory oversight and the lack of laws to clamp down on MLMs. In India, MLMs may fall under Prize Chit and Money Circulation Scheme (Banning) Act, 1978, which is too badly drafted to be effective. According to Mr Fitzpatrick, numerous class action suits have been filed against major MLMs such as Amway, Herbalife, Usana, Pre-Paid Legal, and others—all making the same charges of pyramid fraud, in the United States. Herbalife is involved in as many as 270 lawsuits all over the world, many of which target the heart and practices of Herbalife’s business model: MLM and pyramiding.
One Indian distributor who shelled out money for Herbalife and lost his friends said, way back in 2005, “I think they might be dumping these in India now, since people in their country didn't let them get away with it (emphasis is ours). I realised that the truth about this business is that the money is made not by the distributors but by the company, when they coerce you into buying their starter kits and badges and assorted rubbish. When something stinks so bad you've got to get out and close the door. I'm lucky I did that, before I compromised on my ethical standards and lost all my friends to boot.”
This is what happens when an MLM, booted from one country, targets another with spotty regulation. India happens to be one such country.
When will Indian regulators take a hard look at MLMs? How many Indians will have their lives ruined before they take notice?
Click here to read about Moneylife Foundation seminars on financial literacy and spreading awareness about shady MLMs. It is time to become aware and brush up your financial literacy.
Everything you want to know about Herbalife can be found here.
There is a distinct difference between identification and authentication. Worldwide, biometrics is mainly used for identification rather than authentication when the sample size is large. Yet, in India, the government and the UIDAI are trying hard to use the UID number for both identification and authentication
Given that the UID project—now branded as the Aadhaar project does not have legal sanction yet—the National Identification Authority (NIA) Bill was sent back by Parliament’s own standing committee, no cost benefit analysis yet, no feasibility study of any kind yet, it is interesting to look at the security issues of this project.
First of all, no expert worth his/her salt would believe that authentication using fingerprints works for a population anywhere close to this size. Worldwide, biometrics is mainly used for identification rather than authentication when the sample size is large. There is a distinct difference between identification and authentication which I would like to take some time to explain.
For instance, the US Federal Bureau of Investigation (FBI) has a biometric database of around 50 million or so people (note that this is not the biometric of American population which totals more than 250 million) which is checked against a fingerprint found in a crime site to see if a suspect is found among the people whose fingerprints are in the FBI database.
Matching of fingerprints for identification purposes requires careful, high resolution checks to see if two fingerprints are the same. Even with such a high resolution check, the FBI has made mistakes. In case of a terrorist incident in Spain a couple of years ago, it mistakenly nailed a lawyer from California based on fingerprint matching only to retract later. The FBI was later sued by the lawyer and it paid hefty compensation to the lawyer for its mistake.
Authentication is the process of checking only one fingerprint and at much lower resolution to see if the fingerprint in the database is the same as the one that is being produced for authentication.
Now how are the two different, you may ask?
To understand it, one needs to understand an important aspect, namely that this authentication at least as proposed by is done remotely and digitally. And herein lies the crucial difference. Thus, for instance if I have a digital image of your fingerprint, I can authenticate in your name. That is, I can impersonate you because I have the digital copy of your fingerprint. Now, it is not difficult to make a digital copy of your fingerprint. For instance, I can give you a glass of water to drink and when you touch that glass, your fingerprints will appear on that glass. By following a procedure—and instructions for such a procedure are available easily and even on the internet—I can then make a fake fingerprint made out of say ‘Fevicol’, wear it on my finger, and then use it for authentication. Thus, for all purposes, and as far as is concerned, I have impersonated you and I can now be eligible for the cash transfers that you are eligible for.
Please note that the above is possible in all circumstances—namely if authentication is to be done in automated fashion in say an ATM like machine or in a supervised condition where a supervisor picks up my fingerprint via a fingerprint scanner which he/she carries.
Now that the government is going to use UID for vast amounts of cash transfers, and given the proliferation of frauds in this country, one can imagine the windfall for fraudsters due to this. And add this to the fact that middle-men/agents who may carry this task in this country aren't exactly saints. They can lay their hands on fingerprints of a huge number of people either via digital copies or via making faking fingers and steal the entitlements of the people. Most people not knowing the technology behind all this would be clueless as to what is happening.
The above is by no means the only security issue with the UID project. There are many more serious security issues in this UID project. One of the other main ones is that of de-duplication. The whole UID project rests on the thesis that your identity, that is your biometrics—fingerprints and iris scans—are unique. Which means that each of the billion fingerprints in the database—assuming the database is say a billion strong—corresponding to the billion people are unique. That is, no two fingerprints corresponding to a particular finger in the database are the same. And how does ensure this? They claim to ensure this through a process which they call de-duplication.
Now what is de-duplication?
De-duplication is the following. Whenever a person’s biometrics—that is his/her fingerprints, and iris scans—are to be inserted in the database for the first time, there is a check made to ensure that these are not already present in the database, that is, they are not duplicated. That is, for each of the ten fingerprints of the person, a check is made against each and every fingerprint already present in the UID database corresponding to the particular finger to see if a similar fingerprint already exists in the database. Only if no similar fingerprint exists is the newly to be introduced fingerprint considered unique and introduced into the database. The UIDAI claims that this process is almost 100% accurate; that is, except for a small minute percentage, it will catch all the duplicates. And herein lies the problem. This claim is made by the UIDAI. However, there is no independent verification by any unbiased third party of this claim.
And this is the whole issue; should any sensible person believe the UIDAI’s claim when does not allow any independent third party access to verify its claim? Given that thousands of crores are at stake for and say finds that de-duplication is not working do you expect it to come out and say it?
There is no good reason to believe what UIDAI says is correct mainly because it has been completely non-transparent about the project, hasn't sincerely answered questions raised as part of RTI queries, as also has gone back on promised commitments to meet with independent experts who are part of civil society to discuss such issues.
I would not be surprised if de-duplication is not working and there are many persons out there, who have more than one UID allocated to them.
This is not all. There are other security issues as well. In any financial system based on authentication—and the UIDAI's system will deal with money worth thousands of crores to be doled out as cash transfers—there is a concept of a password. For instance, in case of internet banking or an ATM transaction, we have a PIN and we have different kinds of passwords such as login passwords or transaction passwords. No one in this world designs a system assuming 100% security. Perfect security does not exist and a good design while taking as much care on the security front has to always have a backup in case security is breached. That is the standard practice worldwide accepted among experts. Thus, for instance in case of a banking system, if my password is stolen, I call the bank, ask it to deactivate my current password and send me a new password. This basic principle is broken by because in the case of the system, the password is your biometric which cannot be changed. Thus, if you lose your biometric—and I have mentioned a way above by which your fingerprint image can be stolen—you are doomed. Because, you cannot get a new fingerprint, and your data will be lost forever to the person who stole your password. This is such a fundamental design flaw that it cannot be overemphasized. With how much ever care and how much ever security, there is a finite possibility that some people will lose their biometrics. In the current system, they will be shut down from the system for good.
In a way the above has already happened. In Mumbai, some fraudsters masquerading as official agents of for UID recruitment picked the biometrics of about 1,000 people. Now, these peoples’ identities are stolen for good; all the entitlements that they may be eligible for can be stolen by the fraudsters. The authorities, very stupidly, has asked these people to re-register for UID, something that is not going to help them because their biometrics is already lost and is with fraudsters and while re-registering them will pick the same biometrics from them again. Also, there has been a case where a laptop on which enrolment data was present was stolen.
Apart from all the other issues, there is always a possibility that the database itself is hacked into and stolen. Database could be a good target for terrorists. If I am not wrong, biometrics in this database is stored unencrypted, again a fatal mistake. Thus, if even part of this database is stolen, it is irreplaceable unlike a bank database where all that needs to be done is to deactivate the passwords and give new passwords to the customers. In the case, the only way out is to ask every Indian to undergo a surgery to change their fingerprints surgically, a practical impossibility not to mention other serious issues.
The UIDAI has no answers to the above questions, because there are none. The system’s security is flawed from the conception stage itself and it cannot be fixed so easily. It is indeed better to scrap this project and save taxpayers' money.
This is eighth part of a nine part series on UID
(Dr Samir Kelekar has a B Tech from IIT Bombay and PhD from Columbia University, New York. He is a security professional and runs a consultancy firm Teknotrends Software Pvt Ltd. He is also a holder of a critical US patent in the area of network security. Dr Kelekar consults in the area of security with banks, telecom companies and others.)
Is UID anti-people?–Part7: Incarnation of new geo-strategic tools, NCTC, NATGRID, UID, RFID and NPR
Is UID anti-people?–Part 6: The foundation for incessant intrusion
Is UID anti-people?–Part 5: Why UID is impractical and flawed “Ab initio”
Is UID anti-people?-Part 4: Does the implementation smack of corruption and negligence?
Is UID anti-people?-Part 3: Tall claims and tomfoolery of UID
Is UID anti-people? –Part 2: A bundle of contradictions, misconceptions & mirages
Is UID anti-people? The database state –Part1