- A cybersecurity expert has alerted Nigerians on the danger of using card PINs for online transactions
- Kingsley Aguoru, a British-Nigerian, called on the Central Bank of Nigeria and the EFCC to bank card PIN use for online transactions
- He said the practice has become obsolete globally and asked that banks and payment platforms use OTPs and multi-factor authentication
Legit.ng’s Pascal Oparada has reported on tech, energy, stocks, investment and the economy for over a decade.
A Nigerian-British information cybersecurity expert, Kingsley Aguoru, has alerted Nigerians over the continued use of card PINs for online transactions, asking the Central Bank of Nigeria (CBN) and the Economic and Financial Crimes Commission (EFCC) to address the pressing security risks to Nigerians’ finances.
Aguoru, a Chartered Engineer and Director of Information Security, highlighted the need for the apex bank to ban card PINs for online purchases.
Paystack, Flutterwave, and others require card PINs
He noted that current practices expose Nigerians to high risks, including phishing, keylogging, and man-in-the-middle attacks.
According to him, Nigerian payment providers such as Paystack, Flutterwave, and Interswitch continue to request Card PINs for online transactions, a practice he says is no longer in use globally.
According to the cybersecurity juggernaut, PINs are explicitly designed for ATM and POS use, where secure encryption is used, but using them online exposes users to cyber threats.
Punch reports that Aguoru, a pioneer of one-time (OTP) passwords for card-not-present transactions, said that continuously using PINs could allow evil people to intercept and misuse consumers’ details.
Aguoru advocates for OTPs
He added that Nigerian consumers should depend only on OTPs or multi-factor authentication for online payments rather than using both.
He said:
“Combining OTPs with card PINs is unnecessary and risky. Instead, customers should be provided with secure alternatives, such as hardware card readers that generate OTPs independently,” he said.
The expert called on the CBN to enforce security measures and educate the public on safe online practices.
He said adopting the measures would align Nigeria’s payment systems with global best practices and reduce the risk to Nigerian consumers.
Nigerian banks sack 105 employees over fraud
The development comes as reports on Fraud and Forgeries in Nigerian Banks by the Financial Institutions Training Centre (FITC) in the first half of this year showed that at least 105 bank employees were involved in fraud.
However, this figure was a 34.38% decrease from the 160 employees involved in fraud cases in 2024.
The amount lost to fraud cases rises
Despite the decline in staff involvement in fraud, the total amount lost to fraud cases rose by 380.13%, up from N12.33 billion between January and June 2023 to N59.2 billion in the same period this year.
The number of bank employees terminations due to fraud rose, with 84 employees dismissed in the first half of 2024, an increase of 223.08% from the 26 terminations recorded in the same period last year.
However, outsider involvement in fraud cases declined slightly by 10.78%, with 21,335 cases reported in the first six months, a decline from 23,912 in 2023.
The top channels for fraud in banks
Data showed that outsider involvement in fraud cases stood at 92.74% of bank fraud cases between January and June this year.
The fraudsters employed different channels to perpetrate their activities.
The three most prevalent channels for fraud in banks were via ATM, web, and fraud involving bank branches.
In the period under review, fraud via bank branches tops the list with a significant margin involving a total of N55.01 billion, representing 646.4% from N7.37 billion lost to fraud at bank branches in the same period in 2023.
The banks recorded web fraud of N1.87 billion, while ATM-relation fraud increased to N43.1 million in the review period.
Nigerian banks upgrade platforms
Legit.ng earlier reported that commercial banks’ tech upgrades in the past few weeks have caused severe customer concerns, panicking bank customers in rural areas.
The situation is set to get worse as more banks announce that they will be upgrading their technology infrastructure in the coming weeks.
According to reports, Sterling Bank customers tasted the bitter pill of frustration after the bank began migrating its systems from T24 to SEABaaS, a new, locally-developed core banking application, causing disruptions that lasted for days.
PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!
Source: Legit.ng