The activities of fraudsters in any society have always been a thorn in the sides of its financial sector. As financial companies went digital, so did fraudsters — notoriously creative persons that manage to improve with advancements in technology.
Last year, Sam Okojere, Chairman of the Nigeria Electronic Fraud Forum, (NeFF), stated that cases of electronic bank fraud between 2016 and 2018 rose to ₦5.571 billion ($14.2 million). According to the NeFF, while over-the-counter fraud declined, those done through digital channels have been on the rise.
With seeming fluidity, these fraudulent activities have evolved with the introduction of new payment channels, with Automated Teller Machines (ATMs), Mobile payment, and point of sale (POS) channels being the heaviest hit in recent years.
According to the CBN’s financial stability report for 2018, the highest incidences of fraud took place with ATMs at 34.87% fraud interest index. Mobile payment channels followed closely with 28.21% and POS 19.55%.
About 18.94 billion cases of fraud and forgeries were recorded in 2018, with actual losses estimated at ₦2.21 billion.
The emergence of dynamic fintech companies in Nigeria’s financial sector has also placed them in the fraudster’s line of fire. The use of BVNs, ATM details, and mobile banking PINs for fraudulent transactions have become commonplace in recent years.
Trying to find a solution
Having plagued the fintech community for a number of years, a number of major players have asked for some solutions with which to tackle the ever-growing problem.
Jumps to the next platform.
It’s high time we came together to build an open source fraud database to curb this & create more trust in the ecosystem. 🤔 https://t.co/SdmCgXgmEU
— GB 🦋 (@TechProd_Arch) May 9, 2020
Hahaha sounds good to me.There should be a database of fraudulent users. @mrtoluabiodun let’s do this.
— Yinka (@waleyinks) May 11, 2020
Fintech A flags a fraudulent user (mapped to BVN) such that when the fraudster attempts to open an account with Fintech B, she is flagged.
Some sort of fraud monitoring infrastructure that pulls data across all fintechs in Nigeria.
— Bishop (@mrtoluabiodun) May 10, 2020
A little observation will reveal that most of these fraudsters move from one fintech company to the other, usually adopting the same methods. From fake transactions with payment companies to serial borrowing from several digital lenders, the entire system highlighted a lack of shared data between fintech companies.
Voyance, a Nigerian data science company, recently launched Sigma, a shared graph database that allows companies to contribute flagged identifiers to the database so other companies in the “sigma alliance” can look up an identifier before allowing the user on their platform.
[auto-iframe link=https://techpoint.africa/2019/12/24/ceo-of-defunct-oyapay-now-runs-voyance/embed tag = first]
In a chat with Techpoint, Abdulhamid Hassan, co-founder of Voyance, reveals how his company’s new product could solve problems of fraud for fintech companies in Nigeria and beyond.
According to Hassan, a lot of companies don’t want to say they have a fraud problem but we all know they do, hence the need for a unified database with information from different companies.
“So the idea is that most of the fintech companies in Nigeria have a list of identifiers — BVNs, phone number, or IP address — flagged by their fraud team but this knowledge is not shared across all companies and that’s why we’ve built sigma,” Hassan says.
According to Hassan, “if Fin-tech (A) within the alliance backfills the graph database with a fraudulent user identifier — BVN, phone number, IP address etc. –.when the fraudster attempts to perform any activity with another fin-tech using the flagged identifier within the alliance, they are automatically blocked.”
Hassan insists that most criminals rarely use different identities that can be used with different websites or products. Instead, they use the same identifiers across different platforms.
“If I used my BVN to perform a fraudulent transaction on wallet.ng today and I got blocked, there’s no way for Barter app to know that I was a fraudster on wallet,” says Hassan.
“You take a loan with lending company A and leave the app, and go to lending company B to take another loan, the lending company B doesn’t know that you have a pending loan with another fintech,” he adds.
Hassan reveals that the platform is currently onboarding companies within and outside Nigeria, but for security reasons, their identities will remain anonymous.
“As a company in Ghana, you can flag an identifier with sigma, and if the identifier is used with a Nigerian company in the alliance, it’s automatically blocked,” Hassan reveals.
Hassan states that contributing companies are strictly by invitation, and not just anyone can have access to the contributing API. The platform will be free to use for the first six months after which a monthly operating fee will be charged.
A promising initiative faces an uphill battle
According to Dele*, founder of a Nigerian fintech company, innovative ideas to beat fraudsters are always welcome, but the criminal mind will keep finding ways to beat even the most protected security system.
Dele states that while using an allied database for fintechs is a very laudable initiative that might considerably check the activities of fraudsters, issues of fraud should involve not just fintech platforms. Commercial banks and the country’s Apex regulator should also be part of the process.
“A fraudster steals a BVN or PIN and uses it for a transaction online, the merchant receives payment, the customer goes to his/her bank to complain, bank appeases the customer, and without a thorough investigation, debits the payment switch responsible for that transaction,” Dele claims.
This, according to him, is largely the case, as current regulations exist to protect the customer, and banks will always try to mitigate any loss by passing it off to the platform that handles the payment switch for that merchant.
Dele argues that the likes of Mastercard or VISA might not mind the expenses incurred from such transactions, but Nigerian fintech companies can hardly afford to pay such amounts every time.
A little research reveals that another new platform, karma.ng, also allows fintech players to use their API to block known fraudsters or serial borrowers from accessing their platform.
In 2013, the Central Bank of Nigeria (CBN) and the Nigeria Inter-Bank Settlement System (NIBSS) developed an anti-fraud portal to help banks report e-payment fraud in real-time. However, most of these cases remain unreported.
For Dele, the success of such an alliance will be greatly boosted if commercial banks also contribute information from the wide expanse of customer data they have and regulators introduce policies to protect fintech platforms in Nigeria.
Such initiatives will always be welcome, but for them to succeed the cooperation of the larger financial industry will be required. For now, companies can request access to the Sigma database here.
Asterisk (*) – not real name