Mobile money operators in Ghana especially MTN has received a lot of backlash from the public on the increasing spate of mobile money fraud.
Despite the increased cases of mobile money fraud, it is important for subscribers to know that mobile money platforms are very secure. Unlike card transactions where it is easy for a fraudster to get a customer’s card details (PAN plus CVV) and use it to shop online without requiring the cardholder’s PIN or authorization.
Every mobile money transaction must be authorized by entering a pre-determined 4-digit Personal Identification Number (PIN) known to only the mobile wallet owner. Even when a customer’s phone is lost, their money is still safe because whoever has the phone in his possession will have to get the customer’s PIN before money can be moved out of the wallet.
So if mobile money platforms are very secure why is fraud on the rise? Once again, it is important for Ghanaians to note that most of the mobile money fraud we hear about do not actually happen at the operator level, because security is generally strong there.
What the fraudsters tend to do is to use social engineering to hoodwink unsuspecting customers into handing over PINs or sensitive data and authorizing transactions. In about 97% of all mobile money fraud victims’ mmpGhana.com interviewed, the fraudsters got the wallet holders to authorize transactions through social engineering.
‘Social engineering fraud’ refers to the scams used by criminals to trick, deceive and manipulate their victims into giving out confidential information. Criminals exploit a person’s trust in order to find out their PINs or other personal data.
Scams are carried out usually by phone where victims are told that they have won a prize and that their prize money will be credited to their wallets. The fraudsters manage to send a “push notification” and ask their victims to approve in order for their wallets to be credited.
The victims unsuspectingly and quickly authorize the transaction from their wallet without making due diligence only for their wallets to be debited.
As mobile money operators regularly and periodically update their systems to ensure their customers transact safely on their platforms, customers ought to know that their operators cannot immunize them against social engineering frauds.
Customers of the various mobile money and payments platforms must begin to take personal responsibility by ensuring they are up-to-date on some of the tricks deployed by fraudsters so they do not fall prey to them.