Nigerian Bank Customers Risk Financial Losses By Exposing ATM Card Numbers – Zecharia Akinpelu

A cybersecurity expert and the Chief Information Security Officer (CISO) of Unity Bank, Mr. Zechariah Akinpelu, has warned that bank customers exposing the numbers on their ATM cards risk losing their money to criminals even without releasing their PIN.

Speaking at a cybersecurity webinar organised by Routelink Group, Akinpelu emphasized that the false sense of security many individuals have regarding their card protection, especially when relying solely on PIN security, could lead to major financial losses.

While noting that many cardholders believe that if their card is lost or stolen, the attached PIN will prevent unauthorized transactions, he pointed out the danger of “card-not-present” (CNP) transactions, where no PIN is required to complete a purchase on certain merchant websites.

“If someone gets hold of your card details, they can make transactions on your behalf without needing your PIN,” he warned.

Risks from global merchants 

Highlighting the global risks, Akinpelu noted that while Nigerian banks have implemented robust security measures, such as PIN and chip technology, the global nature of online shopping exposes Nigerians to vulnerabilities present in other regions.

“In Nigeria, you can feel secure that most merchant sites will require a PIN for transactions. However, we live in a global village. I can order a phone from anywhere and have it delivered to me within a few days,” he said.

The Unity Bank CISO expressed worry that many Nigerian cardholders care less about the numbers on their cards but only their PIN.

“The way people carelessly handle their cards these days is concerning. People think that because they protect their cards with a PIN, even if the card gets lost, they are protected,” he stated.

Tap and pay 

He said the next payment trend in the developed countries is tap and pay, which also does not require the use of a PIN.

  • While noting that Nigerian banks have the capability, he said it is not being implemented in the country yet.
  • According to him, in countries where the service has been rolled out, it is only used for small transactions such as paying for a train or a bus. In the UK, for instance, he said such transactions do not exceed £10.
  • Akinpelu noted that for Nigerian banks to implement that it has to be done with the consent of the customers.

“For example, if you want to increase your transaction limit, you need to give consent, just like in Internet banking, where you can increase or decrease your daily transaction limit. However you need to be informed and aware of the risks, and the bank must identify these risks,” he said.

Speaking earlier on the essence of the webinar, the Group Managing Director of Routelink Group, Mr Femi Adeoti, said it was aimed at creating awareness about the growing cyber threats for individuals, businesses, and governments.

What you should know 

The most recent fraud and forgeries data released by the Financial Institutions Training Centre (FITC) revealed that Nigerian commercial banks lost a total sum of N42.6bn to fraudsters over a three-month period from April to June 2024.

According to the report, fraudulent activities were carried out through various channels, including ATMs, online platforms like web and mobile banking, bank branches, and point-of-sale (POS) terminals.

Share

Leave a Comment

Your email address will not be published. Required fields are marked *

Verified by MonsterInsights