Mobile money growth stunted by swindlers
What you need to know:
- One of the main reasons M-Pesa is vulnerable to hacking is due to the lack of secure authentication methods.
- Most users only rely on a simple, four-digit PIN to access their accounts, which is easily breakable.
- Many hacking attacks rely on tricking people into giving away their login credentials or installing malware on their devices.
Buoyed by continued growth and innovation, the future of mobile money is bright.
As more people worldwide gain access to mobile phones, mobile money is expected to continue to grow, especially in developing countries like Kenya, where traditional banking services don’t meet the needs of many citizens.
Innovators are building more services on top of M-Pesa and other mobile money services, including a broader range of digital financial services, such as loans, savings, and insurance, to provide users with a more comprehensive financial solution.
There is also expected to be a greater demand for interoperability between different mobile money platforms, allowing for seamless cross-company and cross-border transactions.
But the biggest impediment to the faster growth of mobile money services is losses from fraud and cybercrime.
The ease and convenience of sending and receiving money through mobile phones have made them an attractive target for crooks.
It is difficult to estimate the amount of money lost through fraud and hacking in mobile money services in Kenya, as these incidents are often underreported, and the companies do not publicly disclose the figures.
However, according to media reports, the number of reported fraud cases has been rising in recent years, with hackers using various tactics to steal money, such as SIM swapping and phishing attacks.
One of the main reasons M-Pesa is vulnerable to hacking is due to the lack of secure authentication methods.
Most users only rely on a simple, four-digit PIN to access their accounts, which is easily breakable. This is especially true in rural areas, where mobile phone penetration is high but financial, and tech literacy is low, and users may not be aware of basic security measures.
Many hacking attacks rely on tricking people into giving away their login credentials or installing malware on their devices.
Some users do not take basic security measures, such as setting strong passwords, regularly updating their software, and downloading apps from trusted sources.
Regular updates
Manufacturers may not provide regular software updates for older models of phones, leaving them vulnerable to known security threats.
Inadequate security measures to detect and prevent fraud also contribute to challenges in mobile money services.
For instance, mobile money systems in Kenya do not use multi-factor authentication, a recommended security measure for online transactions. A hacker who gains access to a user's SIM card or mobile phone can easily transfer funds from their account without being detected.
To reduce the risk of fraud, it is important for mobile money users to be vigilant and take basic security measures, such as setting strong passwords, avoiding public Wi-Fi networks, and being cautious of phishing scams.
Additionally, mobile network operators must take more responsibility for securing their networks and ensuring the privacy of their customers' data and by extension, their hard-earned cash.
Mr Wambugu is a Certified Cloud and Cyber Security Consultant. [email protected]; @Samwambugu2