Customers who lose money to fraudsters through the mobile money-driven Unstructured Supplementary Service Data (USSD) banking will be reimbursed by their banks, the Central Bank of Nigeria (CBN) has said.
The USSD Banking platform allows customers to transfer money to third party, buy airtime, open accounts, pay bills and book travels, among other services, using their mobile phones, but the level of customer protection is still below regulatory threshold.
CBN Director, Banking and Payments Department, ‘Dipo Fatokun, said the apex bank reviewed the process of USSD deals and directed banks to allow their customers transacting through the platform to use a Personal Identification Number (PIN) instead of the last four digits on their Automated Teller Machine (ATM) cards. He spoke at a forum organised by financial correspondents in Lagos.
Banks are yet to perfect the security around the USSD transaction plan. They are not providing additional security, such as allowing PIN into the transaction process as against the current practice whereby customers rely on the last four digits of their ATM cards for transactions.
This has resulted in many customers losing their money to fraudsters or people who have access to their ATM cards.
Speaking on the theme: “Recent developments in the electronic payments system and implications for consumers of electronic payment services” Fatokun said: “We have reviewed the process of USSD and instructed banks that they must use a PIN. It is possible for people to come in contact with your phone, and also come in contact with your ATM card and so, use the last four digit of your card as PIN and that is dangerous. Give a customer a PIN, which is known only to him. One of the banks, I won’t mention names, told us they needed to do system configuration, to ensure that customers can use one time password (OTP) or give the customer password or a token.”
Fatokun said until the banks are able to provide OTP or token to customers transacting through the USSD platform, they will bear the cost of any loss of funds through the process.
“Meanwhile, until that is done, the banks assured us, in writing, that any customer that suffers losses, they would pay. So, if you have cases of people who have suffered losses on USSD platform and their money has not been refunded, let us have it,” he said.
CBN data showed that about N40 billion transactions pass through the mobile money network monthly. It also showed that although e-fraud rate in terms of value dropped by 63 per cent last year, after the Bank Verification Number (BVN) introduction and improved collaboration among banks via the fraud desks, the total fraud volume rose significantly by 683 per cent within the year compared to 2014 figures.
Also, the country experienced 3,500 cyber-attacks with 70 per cent success rate and loss of $450 million within the last one year mainly through cross channel fraud, data theft, email spooling, phishing, shoulder surfing and underground websites