Kenyan telco Safaricom, who pioneered mobile money with their M-PESA service, are helping banks and other financial institutions combat fraud by providing an API that tells them if a customer’s SIM has recently been changed. This will make it more difficult for fraudsters to steal from customers by taking control of their phone accounts. Boniface Gitonga Mungania, Head of M-PESA Product Management, explained further on LinkedIn:
…as more and more people have moved to digital banking, we have similarly seen criminals also shifting to become more digital. If you want to know what will be the next big technology, just look at where crime is going. Criminals are very agile and quite fast at picking up new trends and acquiring the necessary skills to thrive there…
…We are now providing our partners with a tool that among other things, tells them if a SIM has been recently swapped. The tool will also provide additional anti-fraud intelligence to players in the digital lending sector.
Boniface claimed the system had already reduced attempted fraud “by more than 75 percent”.
Capital Business reported that Nicholas Mulila, Safaricom’s Chief Corporate Security Officer, had encouraged banks to take advantage of the API:
Should the financial institutions adopt the new mechanism, then the country will experience a surge in the use of mobile and internet banking.
However, Mulila also emphasized that the greatest threat comes from within.
The biggest leakage we have is internal and that is why organizations are continuously dealing with fraud cases.
Providing other institutions with the ability to check if a customer’s account has recently been updated will help them to manage risk. With so many banks and other businesses continuing to rely on SMS text messages for their second factor of authentication, other telcos should follow Safaricom’s lead.