Well, most of Indian startups have been fairly easily hackable and while they try to hide their lack of security focus on PR shit, here is a quick look at some of the Indian startups who have done a pretty good job of security.
FreeCharge tops the list followed by UrbanLadder and Groupon India.
And The Least Secured Indian Startups?
Quite a few well funded names here : Zopnow, Shopclues, Grofers, Faasos etc.
Parameters Used to Rank These Startups
The study conducted by Fallible is based on multiple parameters related to improper user input validation, lack of proper logic while implementation or not adhering to the principle of least privilege. The weightage were given according to potential impact of the bug, ease of discovery, ease of exploit and requirement of other preconditions if any for exploit.
There Are Severe Issues With Some Unicorns
You could pay for an order of amount X and then use the same payment id to associate it with other future orders, the only condition being that the new order amount has to be the same as specified in the payment id. This bug could allow you to place orders for the same amount multiple number of times and pay just once!
Companies like Ola have been known for some of these severe bugs and the reporting-to-fixing cycle is least to say, acceptable.