Curtailing Cyber Fraud: Two Sides of the Same Coin
The financial inclusion rate in Nigeria has improved. Since the country adopted an inclusion strategy in 2012, adult Nigerians with a bank account have increased, and now account for more than two-thirds of the financially included.
According to the 2023 Report on Access to Financial Services in Nigeria, financial inclusion continues to expand and has so far been fueled by marginal growth among the country’s banked population and major gains in non-bank formal adoption.
Although approximately 40 million adult Nigerians remain formally excluded, formal financial inclusion was said to have grown from 56% in 2020 to 64% in 2023.
In the last four years, fintech companies in Nigeria have played a vital role in closing this gap, bringing financial services to the country’s unbanked and driving economic growth. Their successes, however, have not come without challenges.
Following the penetration of digital payment platforms in Africa, a fraud epidemic has plagued the fintech ecosystem in Nigeria, with Mobile, Web and POS being the most exploited channels by fraudsters in the country in 2023.
According to the 2023 NIBSS Annual Fraud Landscape report, incidents of “Fraud loss via Internet Banking increased by 325% between 2022 and 2023.”
The rise of digital payment platforms in Nigeria has increased the potential for cyber fraud, with fintech companies now forced to balance between making payment apps user-friendly and prioritising users’ safety to stem increased cyber fraud.
To address the fraud epidemic, the Fintech Association of Nigeria (FintechNGR) plans to unveil a fraud reporting framework sometime this year, while fintech platforms such as PalmPay continue to take the initiative to reevaluate their in-app safety features to protect their users from the activities of fraudsters.
Since launching in Nigeria in 2019 under a Mobile Money Operator (MMO) licence by CBN, PalmPay has grown to over 30 million users as part of its payment ecosystem.
In building a user-friendly app, the company has also sought to foster a secure financial ecosystem by integrating safety features into its app so that the millions of users who transact with the app do so in a safe and trusted environment.
In general, it employs a closed-loop risk management system that involves continuous monitoring, analysis, and response to fraud threats and allows it to detect and prevent security risks in real-time and reduce the potential impact of fraud.
In particular, to reduce incidents of fraud, protect their users from fraudsters, and provide a safe banking environment, it binds their users’ phones to the app and has an auto-logout and biometrics feature to confirm users’ identity.
Chika Nwosu, Managing Director, PalmPay, said the reason why the fintech platform has witnessed astonishing growth in four years was because “We prioritise the safety and security of our users.” He said they’ve been able to achieve this by “marrying security and safety with the customer experience to create a balance.”
Read Also:
Because it understands that curtailing fraud is a two-way street, PalmPay runs a Wallet Safety Workshop to teach users of its app and POS machines various security topics covering payment security and common security issues in daily life, such as password management, fraud detection, phishing and risk identification.
The safety workshop underscores the understanding of user security as an important part of curtailing fraud and encourages its users to ensure that they always secure their wallets using the several built-in safety features in its app.
A recent example was a series of campaigns encouraging its users to link their wallets with their BVN or NIN, following the directive by the Central Bank of Nigeria (CBN) for users of fintech platforms to link their wallets with their BVN or NIN.
PalmPay users have several options for protecting themselves against fraudsters such as the two-factor verification process that makes it difficult for fraudsters to gain access to users’ apps without spooking them. In the first half of 2023, millions of users linked their secure email addresses to their PalmPay app. With this feature, users effortlessly receive OTPs for their in-app login.
The app has a device management feature that allows users to manage trusted devices and remove untrusted devices. When logging in on an untrusted device, users complete a comprehensive security verification process that involves inputting an OTP and their PIN to ensure security.
While fintech companies play a role in protecting users from cyber fraud, the rising fraud incidents in Nigeria can sometimes be due to poor digital and financial literacy, but most especially the failure of many victims to report an attack.
In a report last year, Temitayo Oduwole, Head of IT and Payments, PalmPay, observed that customers do not take prompt action in incidents of fraud and that “Only 33 per cent report the same day or take the necessary right action on the same day.”
Effective investigation into incidents of fraud begins when the user reports to their bank that fraud has occurred. However, fraud, if not reported within the hour the crime occurred, allows criminals to move the stolen funds to ‘safe’ places.
Precaution remains the best remedy to protect oneself from cyber fraud. Anti-fraud expert Tosin Adenekan warned fintech users against trusting strangers with their personal information when performing digital transactions.
According to Mrs Adenekan, “Users of fintech platforms owe it to themselves to follow standard safety precautions to avoid being defrauded by cyber criminals.
“Do not allow strangers such as POS operators to handle personal ATM cards. This is because cybercriminals often posing as helpful POS operators can exploit this to observe PIN entries and distract card owners, ultimately swapping ATM cards.”
She urged fintech users to “take steps to reduce incidents of fraud on their wallets by creating strong passwords, enabling the two-factor authentication features on their fintech app, monitoring their wallets for unauthorised transactions, and protecting their personal login information when in public from prying eyes.”
Other steps to take include “regularly updating their apps, setting limits for their wallets, staying alert for phishing attempts, getting the proper financial education, using secure internet connection, being aware of pop-ups and fraudulent emails, and ensuring that operating systems and internet connections are up to date.”
To prevent falling victim to cyber fraud, Mrs Adenekan urged fintech users to adhere to these safety guidelines and “don’t trust everything on the internet.”
