Incidences of mobile-related financial frauds may be on the increase in the country as banks roll out more mobile applications and Unstructured Supplementary Service Data (USSD) services, Tech Track Africa has learnt. This also came with the disclosure that the banks in rolling out the services, most times sacrifice security for ‘ease-of-use’.
Industry statistics shows that mobile payment fraud in the country rose from N248.14 Million in 2015 to N347.645 million in 2017 and still growing.
According to the Managing Director, Digital Knowledge Associates, Mr Benedict Anyalenkeya, this is happening because banks in their bid to make the mobile services easier, are securing only their own end, thus making the customers vulnerable. He noted that while almost all banks in Nigeria offer banking services using mobile phone and USSD, they most times “prioritise security of their back-end while making the front-end open for customers to use”.
Highlighting some of the scenarios in which the frauds occur, Anyalenkeya, who is also a banker, said some times, bank staff connives with fraudsters by providing them account number and phone number of bank clients. “They usually target customers with low electronic transactions, aged customers or customers with remote addresses. The fraudster calls the uninformed customer pretending to be the bank and secures customer’s PIN or ATM card Number and use it to launch transactions” he explained.
In another scenario, he said the fraudster tries to get as much information on victim as he can by stealing their credentials, using social media profiles, or tricking victim into installing malware. “The fraudster then call the telco’s contact centre saying victim’s mobile is lost or stolen. They will use the information they have collected on victim to answer basic security questions and then the telco will cancel the old SIM and activate a new one. They use the information they've collected to hack into victim’s online banking and open a business account or Savings” he said.
While there has been argument over whether the banks or the telecom operators should be blamed for mobile frauds, Anyalenkeya said both parties have key roles to play in mitigating the frauds by strengthening security and creating more awareness. He urged the telecom operators to create and sustain customer awareness messages through their networks. He also urged banks to implement apps that will provide real time check on SIMs during USSD transaction. “Use fraud prevention software to analyse customers’ historical mobile network data to help them to verify the authenticity of transactions and communications. These technology solutions automatically check for any data mismatches for certain actions, such as an account password request, to help the bank assess the risk of SIM swap fraud” he advised.