The Cyberspace Administration of China (CAC) held talks with Momo, the developer behind the Deepfake app ZAO over data security concerns on Tuesday.

CAC asked the company to overhaul their system and revise items in its privacy policy, citing loopholes in the app's privacy policy and its related data security issues. 

"When collecting information from users, they have to act in accordance with relevant regulations and laws," wrote a post on the Ministry of Industry and Information Technology's official Weibo account. "Meanwhile the company has to prevent from the potential telecom fraud caused by information misuse."

Read more: Deepfake Chinese app changes rules after privacy storm

The face-swapping app surged in popularity after its debut on August 30. It allows users to "star" in films, "co-star" with celebrities and create their own face emojis and video clips just by uploading a front photo or taking a selfie.

The app's quick success has also led to wide condemnation after reports of privacy and data security concerns.

Many worried whether their uploaded photos would be used for illegal purposes or whether their personal information could be stolen since many bank transactions and online payments can now be done via facial recognition.

The company responded to user concerns on Tuesday, stating that they would not store any facial information generated from users, and the face-swapping technology behind their app has no chance of posing a threat when using facial payment technology.

Ant Financial Services Group, owner of Alipay, also issued a response when the problem was first reported, saying their facial scanning payment can tell real faces from AI-generated photos and video snapshots, and require dual authentication from both software and hardware level. "So it poses no threat," they said.