It is sad that eight years after the Central Bank of Nigeria (CBN) introduced the agent banking system to boost financial inclusion through Point of Sale (PoS) terminals, fraudsters have deployed the tool to defraud unsuspecting members of the public. There are concerns now that the fraudulent practice of some unscrupulous operators in the system will defeat the lofty goals of PoS under which financial institutions and mobile money operators have been licensed to provide financial services to members of the public.
In the wake of restrictions imposed by government last year to curb the spread of COVID-19 pandemic, the use of PoS witnessed a boom as many Nigerians patronised the operators. Available statistics from the Nigeria Interbank Settlement System (NIBSS) revealed that the value of transactions through PoS terminals across the country between January and June this year stood at N3.01 trillion. This represents about 50 per cent compared with the N2.03 trillion recorded value of transactions last year.
But the growth of electronic payments, especially PoS transactions, may have triggered a disturbing increase in the incidence of PoS fraud. According to reports, some of the PoS agents are scammers. They carry out the fraud by manipulating security information in a customer’s Automatic Teller Machine (ATM) card such as Personal Identity Number (PIN), Card Verification Code (CVC) and other details. In recent times, many customers have complained that they were defrauded at some PoS centres, and that most of the transactions were through withdrawals using pay codes. A pay code is a 10 to 14 digit number often used to withdraw cash from an ATM or make payments on a pay code enabled PoS terminal.
We condemn the rising cases of PoS fraud. It is unfortunate that a device introduced to aid financial inclusion and ease money transfer in 2013 is now being used to defraud many Nigerians. The CBN must wade in and arrest the ugly development. The operators of those fraudulent PoS can be traced, apprehended and tried for financial crimes. While that intervention is being awaited, we advise Nigerians to be circumspect of the PoS centres they patronise and report immediately to their banks and the police in case of any fraudulent withdrawals from their accounts.
The 2020 NIBSS report showed that the banks lost N3.5billion between July and September as a result of the activities of hackers, cyber-criminals and other malicious actors. The loss represents 534 per cent rise from the same period in 2019 when it was N552 million. According to the report, the highest number of the fraud was committed on the web channel transaction. Also, transactions done over the phone accounted for a loss of N410 million or 11.7 per cent of the entire loss recorded within the three-month period covered by the NIBSS report.
The report also showed that web, PoS and mobile channels have become viable platforms for the rising fraud. Data from the Nigeria Deposit Insurance Corporation (NDIC) indicated that online fraud has become a growing concern for investors in the financial services sector, with a hefty loss of N15.5billion in 2018. The banking sector lost a total of N12.30billion between 2014 and 2017. About 89 per cent of all the fraud happened through electronic channels.
The rise in PoS fraud is not altogether surprising considering the fact that technologies, such as Near-field Communication (NFC) and Radio-Frequency Identification (RFID) used in cashless PoS transactions are vulnerable to data theft. A recent research by Forbes Technology Council predicted that PoS fraud would be more prevalent in the post-COVID-19 cashless era.
To minimise the incidence, the organisation advised that operators should learn how to utilise point-to-point encryption (P2PE) solution to safeguard PoS data. Without P2PE, it is near impossible to guarantee that payment data will remain secure from customer’s smart phone to its destination. While it is imperative to check the rising PoS fraud, there is need to find out the underlying causes and tackle them urgently. We think that youth unemployment and poverty can exacerbate PoS fraud.
We enjoin the PoS agents to be compliant with the Payment Card Industry Data Security Standard (PCIDSS), which contains guidelines for PoS system and how to make point-to-point encryption work efficiently. The banks should also rise to the challenge by making their e-transactions system more secure that it will be difficult for fraudsters to breach. Due to involvement of some bank workers in e-fraud, background checks must be part of banks’ recruitment process. The CBN and the banks must come up with far-reaching measures to check the rising cases of PoS fraud.