Customers who have their card issued by a Deposit Money Bank (DMB) in Nigeria may be expected to pay at least $6.00 (1000.00 NGN) each time their card got trapped in the ATM; this move has become necessary given Central Bank of Nigeria (CBN) new guideline on Card Issuance and usage.
The CBN guideline read, “Any trapped card in the ATM shall be rendered unusable (by perforation) by the acquirer and returned to the issuer on the next working day”. Explaining the rational for the new guideline, the Director, Banking and Payment System Department, Mr. Dipo Fatokun alluded this is meant to augment non-disclosure on cardholder information to the minimum.
Fatokun explained- if information such as the Primary Account Number (PAN) is disclosed, it could be used for Card Not Present’ transactions. Card Not Present transaction normally happen over the web in which case you only need the information on the card (PAN) and don’t need the PIN (PAN is the sixteen digits information displayed on the customer card).
Some of our DMB sources has however asserted this move may be retrogressive as most banks now have Securecode (Mandatory second factor authentication other than the PAN) enabled for their CNP transactions.
Giving the increasing volume of electronic payment transaction in the Nigerian Sector, a pertinent question to ask is who bears the risk in the event of Card Not Present (CNP) fraud- Is it the customer, the card issuer or the merchant?
In its simplest form CNP fraud involves the unauthorized use of a customer card details to purchase product or service from a merchant in a non-face-to-face setting. What usually happens is the merchant never physically inspects the card used for transaction, thus the term “card not present” applies. The transaction happens over a merchant website or through the phone/email purchase order, the merchant subsequently release the goods or render service with the understanding that the customer authorized the purchase and will make the required payments.
In a card not present transaction, typically, the customer information used to perpetuate the fraud includes the card number, the card verification code, and the expiration date all of which are printed on the physical card. In most cases the PIN which is known secretly by the customer is not used.
So who bears the brunt in the event of fraud?
Generally, if a merchant accepts a card for a purchase and the card is physically present, the liability for loss fall on the card issuing financial institution, not the merchant; however, under Card Association rules of most developed economies (US inclusive), the risk of loss falls on the merchant. The implication of this is that the full value of a purchase will be charged back to the merchant if the transaction turns out to be a fraud.
Fraudulent transaction trough Card Not Present transaction seems to be on the rise. A reliable source reveals that 62 percent of the bank in Nigeria has recorded this type of customer fraud claims in the last three years.