This is a summary of a paper by Hildah Nduati, published by CGAP (Consultative Group to Assist the Poor), May 2018, 8 pages, available at https://www.findevgateway.org/sites/default/files/publication_files/cybersecurity_in_emerging_markets_06-30.pdf
The availability of digital financial services (DFS) has altered the way many payments are collected and processed in developing countries. Ms Nduati argues that, although DFS have helped millions of people stabilize their income and break out of their stagnant socioeconomic positions, there remain many issues outstanding regarding mobile money. This paper focuses on the potential threats and vulnerabilities relating to DFS, including environmental factors, fraud and design failures. For example, Ms Nduati cites the prevalence of “inadequate logical controls, such as lack of user account creation procedures, administrators with excessive access rights, and failure to conduct reviews of current system user access rights, which have led to inappropriate access being granted.”
In 2017, CGAP surveyed 11 DFS providers in Sub-Saharan Africa. These providers identified the following as the primary threats to their firms: internal fraud, data breaches, identity theft and system downtime. Internal fraud includes fraud within a firm as well as its third-party providers. Data breaches generally target information such as credit card numbers, personal identification numbers (PINs), customer logins or intellectual property. Identity theft most often involves baiting customers or staff to share their personal information, which is then used to gain access to various systems. Service downtime is one of the biggest causes of customer mistrust. In 2017, a provider in Kenya left customers unable to access their money for five days.
To reduce risk, Ms Nduati mentions four types of strategies: risk avoidance, risk mitigation, risk transfer and risk acceptance. She again cites the CGAP survey in which 90 percent of DFS companies report plans to increase investment in privacy and data security. Eighty percent of these firms state that they have already increased security through means such as improving data encryption and identification protocols.
By Michelle Fleming, Research Associate
Sources and Additional Resources
CGAP publication
https://www.findevgateway.org/sites/default/files/publication_files/cybersecurity_in_emerging_markets_06-30.pdf
FinDev Gateway homepage
https://www.findevgateway.org/
CGAP homepage
https://www.cgap.org/
Do you know that MicroCapital publishes the MicroCapital Monitor newspaper each month? Find out more at https://www.microcapital.org/products-page/.
Similar Posts:
- SPECIAL REPORT: How to Achieve Responsible Digital Financial Services: European Microfinance Week Opens
- MICROFINANCE PAPER WRAP UP: “Women Agents for Financial Inclusion: Exploring the Benefits, Constraints and Potential Solutions,” by Emilio Hernandez et al, Published by CGAP
- MICROFINANCE PAPER WRAP-UP: “Financing the Blue Economy;” by Michael Adams et al; Published by Asian Development Bank, UNDP, UNEP
- MICROFINANCE PAPER WRAP-UP: “Mobile Money, Interoperability and Financial Inclusion;” by Markus K Brunnermeier et al; published by National Bureau of Economic Research (NBER)
- MICROCAPITAL BRIEF: Money Fellows of Egypt Borrowing $2.2m from Symbiotics to Support Digital ROSCAs
