The Central Bank of Nigeria has disclosed Biometric authentication will soon be introduced as authentication for Automatic Teller Machine (ATM) transaction across Nigeria.
Making a presentation at a National retreat held in south west Nigeria, the Director in Charge of Banking Payment Systems, CBN Mr. Dipo Fatokun, disclosed Biometric authentication will help in the fight against electronic fraud.
The move towards Biometric authentication on ATM nationwide will be facilitated by the Bank Verification Number (BVN) which has biometric information of Millions of Nigeria already stored.
The Deputy-Director of Department of State Service (DSS) Mr. Yekini Ishola has warned Internet fraud in Nigeria is more prevalent in the south west, especially Lagos, Ogun and Oyo.
Mr.Yekini Ishola made this disclosure while presenting a paper on cybercrimes and the way out at a two-day annual security seminar organised by the Security Department of Nnamdi Azikiwe University Awka.
Decrying the spate of cybercrime among Nigerian youth, particularly in the Tertiary Institutions, the DSS Chief subsequently submitted that Ladoke Akinola University is presently considered has having the highest concentration of cyber criminals.
Cybercrimes are not committed by an individual, but by a network of criminals. Mr. Yekini reiterated. He later warned that activities perpetrated by these syndicates include using identity theft, hacking, malicious software and other fraudulent methods to gain access into personal information and account details of unsuspecting owners.
Interswitch a leading integrated payment and switching company with offices in Lagos, Nigeria and other part of Africa has named Kenneth Olisa as its new Chairman.
Olisa’s appointment followed investment by TA Associates in Interswitch in March, the management business expansion drive, and plan for $1Billion IPO scheduled 2018.
Olisa brings on board the wealth of experience as a British Business man with a career in technology spanning over 40 years.
With increased adoption of the mobile phone as the preferred medium for conducting retail banking transaction is the increase sophistication of illicit appli
cation targeted at defrauding unsuspecting customers. Called Trojans, these illicit apps can be used to harvest customer data, and ultimately takeover the customer account.
Latest in trail of Trojan targeted at Mobile Banking community is the malware code names Red Alert 2.0 banking Trojan. Feeds from the threat community reveals this new Android Trojan is potently dangerous as it is able harvest both mobile bank authentication as well Second Factor (2FA) credentials.
Besides credential harvest, Red Alert Trojan have consistently upgraded its functionality to be able to block and log all incoming calls from the customer banks. As such the Trojan can intercept calls from fraud unit of financial institutions aimed alerting the customer of suspicious activity.
Unsuspecting users could have their phones infected with Red Alert Trojan by downloading apps via third-party app stores or links sent via SMS messages, WhatsApp or emails.
Once installed, the malware waits for the victim to perform some Mobile Banking Transaction in a bid to simulate the victim’s Mobile Banking app interface. Once the Banking app interface has been mimicked the Trojan could potentially overlays the original app with a fake user interface. This fake user interface could be used to harvest user credential and forward the Red Alert Trojan service on the World Wide Web. The customer 2FA is also at jeopardy as the Trojan could intercept SMS messages sent to the customers.
In summary if a customer phone is hijacked by the Red Alert Trojan, hackers can covertly takeover account to make illicit purchases, transfer funds, and profile the Banking history of the customer!
The Red Alert 2.0 work on Android phones running version 6.0 (Marshmallow) and earlier. In a bid to avoid this Trojan and other associated threat, retail banking mobile app users are strongly advised to download app from approved download store.
Ninety Six (96) page research paper.
Input provided by 11 Nigerian Banks (Inducing Central Bank of Nigeria), NITDA, and EFCC; document endorsed by Nigerian Inter-Bank Settlement System (NIBSS), and sponsored by British High Commission in Nigeria.
Document available on demand, kindly request download @ firstname.lastname@example.org.
File size: 11.5 GB
Customers who have their card issued by a Deposit Money Bank (DMB) in Nigeria may be expected to pay at least $6.00 (1000.00 NGN) each time their card got trapped in the ATM; this move has become necessary given Central Bank of Nigeria (CBN) new guideline on Card Issuance and usage.
The CBN guideline read, “Any trapped card in the ATM shall be rendered unusable (by perforation) by the acquirer and returned to the issuer on the next working day”. Explaining the rational for the new guideline, the Director, Banking and Payment System Department, Mr. Dipo Fatokun alluded this is meant to augment non-disclosure on cardholder information to the minimum.
Fatokun explained- if information such as the Primary Account Number (PAN) is disclosed, it could be used for Card Not Present’ transactions. Card Not Present transaction normally happen over the web in which case you only need the information on the card (PAN) and don’t need the PIN (PAN is the sixteen digits information displayed on the customer card).
Some of our DMB sources has however asserted this move may be retrogressive as most banks now have Securecode (Mandatory second factor authentication other than the PAN) enabled for their CNP transactions.
A release from the Nigeria Deposit Insurance Corporation (NDIC) reveals fraud figures is on the rise within Deposit Money Banks in Nigeria. According to the NDIC report, the banking sector recorded a total of 3,380 cases in 2012 alone, with ATM Fraud topping the list. Other fraud sources include those perpetuated through Internet Transfer/Withdrawals, and suppression of customer deposit.