Bug Bounty Program

Recent projects

Projects in progress

Reporting Security Issues

iPay and its employees take security very seriously. To make our products as secure as they can be, we invite anyone that finds a potential security risk or data leak to disclose it in a responsible way to the e-dheba Security Team. We ask everyone that finds an issue to follow the guidelines below:

Only access or expose your own data.
If you happen to access or expose other data, report it to us as soon as possible. Do not attempt any further exploits at this point.
Avoid tools or techniques that can degrade the service for other customers.
Don’t disclose vulnerabilities to anyone but E-dheba.

What We Are Looking For

While we take every submission seriously, a lot of submissions are trivial and have very little effect on the security of e-dheba and our customers. Below we list things that we are specifically interested in:

Remote code execution in any of our client applications or in our cloud infrastructure
Privilege escalation attacks against our cloud infrastructure
Authentication attacks
Cross-site scripting (XSS)
Cross-site request forgery (CSRF/XSRF)

Examples of non-qualifying submissions:

Denial of Service vulnerabilities (DoS)
Possibilities to send malicious links to people you know
Security bugs in third-party sites and software that integrate with E-dheba (this includes WordPress issues, unless related to account creation or authentication)
Insecure cookie handling
Spam or social engineering techniques

Reproducibility

In order to qualify for any kind of reward, our engineers have to be able to reproduce the problem. So, please be explicit in your report, since this will save everyone’s time.

How to Submit Your Report

Please use the information here to report a potential security issue to e-dheba:
1. Write to our Security team at mail@edheba.com.
2. Be sure to include relevant details in the report, such as platform, app/server version, necessary conditions for the exploit to work, a description with proof of concept or exploit code, the impact of the issue if exploited, etc.
3. Do not contact individual e-dheba employee directly.
4. Report only one vulnerability per email.
5. Only submissions to this email address directly will be eligible for rewards.
If we have any questions related to the report, we’ll be sure to let you know. Thanks for helping us make e-dheba SuperApp more secure for everyone!

We are innovators

eDheba SuperApp has these various services

Savings & Credit

Services thru its sister concern Imperial Savings and Credit Cooperative Ltd and from its partner organization Citizen Bank International Ltd, earn interest on savings accounts, get online credit facilities for buying products in EMI, and getting micro loans including insurance services.

Remittance

Users will be able to send remittances currently from all the countries in European Union thru its sister concern Lalit Money Transfer P Ltd.

Payments

Having merged with iPay Pvt Ltd, we are now able to offer payment services for mobile, internet, telephone, television, electricity, school, airlines, water, bus services, etc.

Super Services

In the SuperApp services, edheba provides taxi, two wheeler ride sharing, food order from restaurants, groceries and 50+ other services like plumber, carpenter, mason, electrician, home tutor, etc.

Infotainment

Movies (Hindi, English, Nepali, Korean, other languages) Tele Serials, Documentaries, Live TV Channels, all available for free in our Infotainment services.

Kin-Bech

You can buy used or new products and also put your used or new products for sale.

This is all you need
for all of your needs

e-dheba is a digital financial service that provides interest on all the money you have in your account and provides seven major services: Savings and credit, remittance, payments (e.g.: to utility bills, mobile top up etc.), SuperServices (e.g.: food, groceries, medicine orders), Infotainment (e.g: free movies and magazine), Loyalty Bank and Kin-Bech (connecting sellers and buyers).

Please visit our other Webpages as well

Buy Now Pay Later

Buy products now, pay in equal monthly installments (EMI) for 5 months.

Zero 0% interest

No fees or hidden charges

No Collateral

30% Down Payment

MORE INFORMATION

e-dheba Card Services

We have the service to be able to pay for transportation and parking with your card.

Tap & Pay
in Parking

Tap & Pay in
Public Buses

More Information

e-dheba ElectriPay Service

Let e-dheba pay your electricity bill each and every month even if you do not have adequate funds in your account

Pay your electric bill
Each and every month

Pay your electric bill
Even if no money in account

More Information

Vehicle Registration Renewal Service

e-dheba will pick up your billbook, pay your insurance and government renewal charges and deliver it to you with all the official receipts for cashless payments

Pay for insurance & Vehicle
Cashless thru e-dheba

Don' leave home
To Renew your Vehicle

More Information

Taxi Booking Service

You can now book taxis directly from e-dheba SuperApp. Find out full details about this service from this site

Taxi comes
Where you are

Book taxi
With One Tap

More Information

PayDay Loans

When you need micro loans, you can apply from e-dheba SuperApp and get the response and finalization of the loan within one week.

Digitally
Right on your Phone

Micro
Loans

More Information

Careers

We are always looking at acquiring talent, growing it and then also working on retaining talent.

We are a great place to learn new technologies, how it gets to market as we innovate new solutions & products.

Apply
Now

Work for
US

MORE INFORMATION

Bug Bounty

Find bugs in e-dheba SuperApp and get a reward. Find out full details of our program

Get

Rewards

Find
Bugs

MORE INFORMATION

Loyalty Bank

eDheba SuperApp has loyalty bank built into the system whereby you can now earn points for literally everything you do: For installing the app, For getting your ID verified; For referring a friend or family; For every spending whether in eDheba or in various partnering shops.

Shop

With the points

Earn
Points

MORE INFORMATION

Frequently Asked Questions

If you have any questions about the various features, services, facilities or how to avail any of the services, most probably it has been asked before and we have listed it in these FAQs.

Your question
might have been asked

See what others
have asked before

MORE INFORMATION

Oxygen Concentrator

As part of our CSR, we are providing Oxygen Concentrators for COVID and non-Covid patients borrow and the purpose is to help save lives --- one at a time

One at

a Time

Save

Lives

MORE INFORMATION

How To Videos

Check out this collection of videos on 'How To' do various functions and use different features of e-dheba SuperApp

Training

Videos

Learn

New Features

MORE INFORMATION

CONTACT US

GET IN TOUCH

Address Unlimited Building, Khichapokhari, Opp Pashupati Plaza, Kathmandu

Phone number 1-5970800

Email mail@edheba.com

Contact us

Address: Khichapokhari, New Road, Kathmandu, Nepal

Phone Number: +97715970800

Email: mail@edheba.com

Recent projects

Projects in progress

Reporting Security Issues

What We Are Looking For

Examples of non-qualifying submissions:

Reproducibility

How to Submit Your Report