In recent years, East Africa has made considerable strides in embracing digital payments. Notable trends that have surfaced include e-commerce card transactions, contactless methods like tap to pay and QR code payments, alongside the already well-developed mobile payment systems.
Another trend in the evolving, more inclusive, and efficient digital payments ecosystem is the partnership between financial institutions and fintech companies.
The advent of digital payments has also introduced various risk challenges that consumers and stakeholders must tackle. These challenges include cyber-attacks, SIM swap fraud, social engineering scams, digital identity theft, and regulatory issues.
Fraudsters have been reported to use duplicated e-commerce terminals to perform SIM swaps and cyberattacks, transferring fraudulent credits into mule bank accounts.
In some cases, scammers attempt to intercept and compromise one-time passwords (OTPs) used for completing e-commerce card transactions. They employ various techniques such as social engineering, SIM swapping, smishing, or phishing, to achieve this.
In Kenya, for instance, scammers have been sending text messages to consumers, asking them to click on links to pay postage fees with their debit or credit cards so as to retrieve a package from the post office. This tactic leads to consumers unintentionally exposing their credentials to these fraudsters.
Financial institutions offering card payment services have also been hit by digital fraud. Fraudsters seek e-commerce card acceptance from banks without intending to run a legitimate business, using terminals for illegal activities like money laundering and exploiting stolen card details. This results in losses for banks due to disputes from affected cardholders.
The examples cited above highlight inadequacies in the integration of processes, personnel, and tools within risk management practices. The repercussions of these incidents are far-reaching, affecting not only consumers, businesses and financial institutions, but also the broader ecosystem, including regulatory components.
Apart from occasionally losing their hard-earned money, cardholders’ trust and satisfaction with digital payment platforms are also diminished. Financial institutions and businesses may experience direct losses, subsequently impacting their profitability.
With this in mind, Visa has intentionally partnered with industry stakeholders to aid the region in building a strong risk management framework that will support both existing and future digital payment systems, recognising that effective risk management depends on having the right systems, processes, and personnel.
In the past five years, Visa has invested over $10 billion in advanced cybersecurity, including AI and data analytics, to combat sophisticated criminals and reduce fraud. Visa also supports payment stakeholders with training, risk management processes and consumer education.
A notable example is the recent Visa Protect Executive Roundtable in Nairobi, where more than 40 clients and partners engaged in discussions with Visa’s global and regional leaders about the evolving payment security landscape. They explored top-tier risk and identity solutions for future digital experiences.
In summary, the rapidly evolving digital economy in East Africa is poised to progress even faster in the years ahead. To mitigate the risks associated with this growth, it is imperative to keep investing in appropriate risk management systems, efficient processes, well-trained personnel and adequately-informed consumers.
Basil Kithinji is the Director, Visa Risk, East Africa; and Titus Mbugua is the Director, Visa Consulting and Analytics, Sub-Saharan Africa.
