Connect with us

Latest News

Apple alum’s jobs app for India’s workers secures $8 million

Published

on

Javed, a middle-aged man, worked as a driver before losing that job earlier this year as coronavirus spread across India, prompting New Delhi to enforce a nationwide lockdown and temporarily curb several business activities.

There are millions of people like Javed in India today who have lost their livelihood in recent months. They are low-skilled workers and are currently struggling to secure another job.

An Apple alum thinks he can help. Through his app startup Apna, Nirmit Parikh is helping India’s workers learn new skills, connect with one another, and find jobs.

Parikh’s app is already changing lives. Javed, who could barely speak a few words in English before, recently posted a video on Apna app where he talked about his new job — processing raisins — in English.

In less than one year of its existence, Apna app — available on Android — has amassed over 1.2 million users.

The startup announced on Tuesday it has raised $8 million in its Series A financing round led by Lightspeed India and Sequoia Capital India . Greenoaks Capital and Rocketship VC also participated in the round.

In an interview with TechCrunch last week, Parikh said that these workers lack an organized community. “They are daily-wage workers. They rely on their friends to find jobs. This makes the prospects of them finding a job very difficult,” he said.

Apna app comprises of vertical communities for skilled professionals like carpenters, painters, field sales agents and many others.

“The most powerful thing for me about Apna is its communities — I’ve seen people help each other start a business, learn a new language or find a gig! Communities harbinger trust and make the model infinitely scalable,” said Vaibhav Agrawal, a Partner at Lightspeed India, in a statement.

The other issue they struggle with is their skillset. “An electrician would end up working decades doing the same job. If only they had access to upskilling courses — and just knew how beneficial it could be to them — they would stand to broaden their scope of work and significantly increase their earnings,” said Parikh.

Apna is addressing this gap in multiple ways. In addition to establishing a community, and rolling out upskilling courses, the startup allows users — most of whom are first time internet users — easily generate a virtual business card. The startup then shares these profiles with prospective employers. (Some of the firms that have hired from Apna app in recent weeks include Amazon, Big Basket, and HDFC Bank.)

In the last one month, Parikh said Apna has facilitated more than 1 million job interviews — up more than 3X month-on-month. During the same period, more than 3 million professional conversations occurred on the platform.

Parikh said he plans to use the fresh capital to expand Apna’s offerings, and help users launch their own businesses. He also plans to expand Apna, currently available in five Indian cities, outside of India in the future.

There are over 250 million blue and grey collar workers in India and providing them meaningful employment opportunities is one of the biggest challenges in our country, said Harshjit Sethi, Principal at Sequoia Capital India, in a statement.

“With internet usage in this demographic growing rapidly, further catalysed by the Jio effect, apps such as Apna can play a meaningful role in democratizing access to employment and skilling. Apna has built a unique product where users quickly come together in professional communities, an unmet need so far,” he added.

A handful of other players are also looking for ways to help. Last month, Google rolled out a feature in its search engine in India that allows users to create their virtual business card. The Android-maker also launched its jobs app Kormo in the country.

Latest News

What The Conflict With Israel Looks Like To 2 Palestinians

Published

on

NPR’s Steve Inskeep talks to Omar Shaban, founder of a Gaza-based think tank, and Palestinian lawyer Diana Buttu, about how this cycle of Palestinian-Israeli violence plays out in their neighborhoods.

Continue Reading

Latest News

Echelon exposed riders’ account data, thanks to a leaky API

Published

on

Image Credits: Echelon (stock image)

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

Continue Reading

Latest News

Casualties Mount As Violence Intensifies Between Hamas, Israel

Published

on

Israel has called up more troops and launched its heaviest assault yet along the Gaza border. Seven people in Israel have been killed. Losses are much higher on the Palestinian side.

Continue Reading

Trending

Copyright © 2020 Latin America Business News

en_USEnglish