In the quest to satisfy the ever expanding and insatiable appetite of customers of banks to get an increased access to banking products, banks and other financial institutions continued to deploy sophisticated IT and Network infrastructures to meet their customers’ demands. Internet banking is a one stop option for banks to give online real-time banking access to her customers.
The advent of internet banking in Nigeria altered the risk and security landscape of Nigerian banks. Financial and economic fraud/ crime in the Nigerian banking sector almost tripled since the advent of internet banking in Nigeria. Cases of identity theft increased and a lot of families lost their means of livelihood just as a result of one click of the mouse made by one fraudster in one remote area. All these and many more puts more pressure on bank executives and other stakeholders in the banking sub-sector.
Users’ confidence on banking in Nigeria continues to erode as cases of fraud and economic crime eats deeper into Nigeria’s financial sector. People complain of receiving an SMS Alert by 1:00am that a debit transaction is taking place on their account. The customer may not have access to either internet or the bank at that point in time to stop the transaction from continuing. This situation will not only erode public confidence but will also affect the business of the companies that specializes on the development of internet applications.
INTERNET BANKING AUTHENTICATION AND AUTHORIZATION IN NIGERIA
The increase in the financial losses associated with increased security issues and risks in Nigerian internet banking can be put under control if internet banking authentication and authorization are improved. Most Nigerian banks use static password to authorize and authenticate access. This is a bad practice and needs to be re-evaluated. Multi-factor access control to internet banking is what every forward looking bank in Nigeria and their executives should consider. A multi factor access control is a combination of authentications.
One good practice I have helped a bank in Nigeria implement is the use of Token in combination with static password and user name (ID). The process is simple; every customer that must use internet banking application must be given a token device that will be configured with the accounts. The serial number of the token device would be inputted in the customer’s account. A user of internet banking facility is automatically taken to a token page where s/he is required to input a randomly generated number from the token. With this, the negative effects hackers, pharmers, phishers and other financial fraudsters will be minimized.
If you by chance disclose or expose your internet banking ID and password, the identity theft will still not have access to your internet banking platform except s/he gets hold of your token- which is very rare.
To your internet banking safety!