Kenyans are increasingly adopting digital banking solutions driven by the desire for flexible and convenient banking services. The last two years have seen growth in the adoption of mobile and internet banking services as the government encourages people to adopt cashless transactions as a means of reducing Covid-19 infections.
A survey by the Kenya Bankers Association released in February 2022 indicated that six out of every ten bank customers (58.4 percent) preferred mobile banking, with another two out of ten (20.3 percent) recording their preference for internet / online banking.
The increased adoption of out of branch transactions while offering convenience has also come with its fair share of challenges. Fraudsters have also evolved and are now using advanced technologies and social engineering techniques to defraud targeted institutions and customers.
Some of the common fraud schemes affecting customers include account takeovers, where a fraudster successfully gains access to a customer’s bank account and performs fraudulent transfers. This could be through the unauthorized access of personal information..
When it comes to mobile banking, SIM swap fraud is one of the common ways in which fraudsters gain illegal access to bank accounts. To do this, the fraudsters illegally substitutes or hijacks a target customer’s mobile number. In other cases, fraudsters can also pretend to be officials or employees from a trusted institution such as the bank and dupe the victim into disclosing confidential information or transferring funds to accounts controlled by them.
Ensuring safety
You are advised to never share personal information such as username, password, PIN and OTP with anyone including merchants, relatives and friends. You should also avoid storing sensitive information such as passwords or account numbers on your mobile phone as it has a high likelihood of being stolen or lost. Additionally, you are encouraged to make immediate reports to your mobile phone service providers whenever your mobile phone loses connectivity or reports a SIM card issue to avoid being a victim of SIM swap fraud.
For those using mobile apps, ensure that you sign out of your mobile banking app when you have finished using it as opposed to just closing. This protects you from unauthorized transactions on your bank account in the event that your device lands in the hands of someone else.
Ensuring that you regularly update your mobile banking application and are using the latest version also provides you with an additional layer of protection as banks regularly update their systems to detect fraudulent transactions better. Some of these enhanced features that come with updates may also require that your mobile device is using the latest software (Android or iOS) version.
It is also important to only download mobile banking applications from trusted sources (Google Play and App Store) and review the privacy policy and data access of the apps before installing them. To limit unauthorized access to your device, which may also compromise your bank account, always set your device to require a passcode to gain access if the feature is supported in your device and disable phone features not actively in use such as Wi-Fi and Bluetooth. When changing your mobile phone, delete all information stored on the device.
When using internet banking platforms, do not share your online banking information such as username, password or OTP with anyone. Only submit online account login information to websites using encryption which is indicated by “https://” (the “s” is for secure).
For additional protection, create difficult passwords by use of a combination of letters, numbers and symbols whenever possible. These should not be personal details that may be easy to guess like date of birth, city or town of residence or birth, or names of family members. Avoid using the password autosave feature on your web browser. It is also advisable to change your passwords frequently and do not re-use them.
Avoid using cybercafes or public WiFi when accessing your bank account. Do not click on random links in email, social media pages and online advertisement or download unsolicited files as they may contain malware that can be used by hackers to access your account. Always ensure that you log off or sign out of your online banking sessions. Simply closing the browser window does not necessarily end your sessions. It is also important to ensure your computer is running on the latest software version.