Prepare for mobile payment fraud risks - Analyst urges

A fraud and money laundering prevention strategist has predicted that mobile and online payments will soon become dominant in Ghana.

Richard Kumadoe, the Executive Director of Quest Services Ltd, a due diligence & risk management center, yesterday told CITY & BUSINESS GUIDE that “because mobile payments are so new, financial institutions in Ghana are still trying to understand which threats to address first since there is still very little understanding about what institutions need to do in the mobile space to mitigate these risks.

Mr. Kumadoe said “the current administration must float the idea of developing the standards and procedures for critical cyber security infrastructure that would most likely adopt security best practices in an effort to help develop Ghana’s Cyber Security Policy Framework.

“The goal must be to build the underwriting practices that promote the adoption of cyber risk reducing measures and risk-based mobile payments systems with an extensive knowledge of the effectiveness of specific cyber security practices that can help evaluate specific elements of cyber fraud risk for all practitioners in the financial industry in Ghana,” he said.

He said, “In the wake of these sophisticated attacks waged against some leading financial institutions and their counterparts across the globe, threat intelligence has taken on a greater role, and financial institutions in Ghana are warned, especially the rural banks which are being prepared to implement these payments systems.

“The electronic payment systems fraudsters and online (hackers) get the headlines, but behind the scenes the stealthy insiders which we term, ‘the Enemy-Within’ continue to pose huge fraud risks to financial institutions and the public, and often these fraudsters collaborate with senior officials and trusted employees with privileged access to customer accounts and competitive data.

“For banking and e-commerce providers, maintaining the trust and confidence of customers is critical so providing the best possible cyber security is paramount because no individual and institution is too big or too small to be a target for criminals once you have data, they want it.”

Mr. Kumadoe said that adapting new technology or socially-engineered schemes aimed at helping to control and monitor electronic payment systems would help to detect anomalous transaction and behaviour before fraud occurs and traditional competitors have to overcome internal and external hurdles to achieve success in the area.

“To avoid surprises, appropriate cyber security framework and information sharing has also proven to be a valuable new tool that helps to anticipate sophisticated fraud patterns and tactics in mobile (online) banking operations and said “biometrics could play a key role here.

“Financial institutions need to monitor this risk; which comes down to measuring, understanding and developing an actual basis for it to be imbedded into the cyber security policy framework, and I think as part of the efforts to prevent fraud risk, if something is done about this policy framework it would be quite helpful.

He indicated that effective implementation of the policy framework would not only help in identifying the fraudsters, but also to unravel how are they covering up their crimes, which have resulted in the huge number of customer complaints and theft of funds across the country.

“It is my estimation that financial institutions in responding to these threats of cyber crimes must receive appropriate education and awareness, and the availability of a policy framework would help to set out the guidelines for implementation, monitoring and reporting to ensure Ghana does not become ‘safe haven’ for cyber criminals and individuals, as well as financial institutions becoming conduits for mobile fraud.”