A few days ago a friend of mine shared with me the unfortunate experience he had when he fell victim to a card fraud syndicate based in another country. He fell victim because they managed to get him to release information about his card. While this might sound shocking to some people in the banking sector, it occurred to me that it is not far fetched for someone to be unaware of seeming fundamental practices expected in a particular field if one operates outside that field. A good example would be that we still depend on TV shows and the Internet to know about key hygiene habits and proper eating. We search for such knowledge because it borders on practical life issue which may become a matter of life and death at some point.
After he narrated his experience to me I decided to share a few tips from my personal which I feel may be helpful to the public given that we are all immersed in the digital economy. Most of us use debit cards, mobile money and Internet banking. All kinds of technology tend to come along with attendant risks which we must deal with. In the case of debit cards and digital banking in general some of these risks are related to security and people typically fall victim because of lack of knowledge. While I am sure you will find the tips useful, I must say they are personal and not professional. I am by no means a cyber security expert but I definitely have a lot of them around me.
So without further ado, I will share eight tips will help reduce the risk of falling victim to fraudsters:
1. No Sharing
Do not share your card details with ANYONE. I once posted this on a forum for married couples and I could literally feel the recoil of the wives particularly because when addressing sharing ATM PINs for example what is at stake is more than just security. A couple is expected to share EVERYTHING and thinking about it deeply, if you are unable to use your card in an emergency, your spouse is probably the next best source of help to retrieve money on your behalf. In terms of security however, you may want to consider other approaches to being prepared for emergencies that would demand a quick response to the need to cash and I think there are many strategies you can adopt. Keeping your card details to yourself should be your default habit.
2. Use Secure Websites
When using your card online, ensure the website is a secure website. Most of the time your browser will let you know if there is a problem with the website’s security. One fundamental check is to ensure the URL begins with https:// and the beginning of the Uniform Resource Locator (URL) has a padlock icon next to it. The URL is what we typically call the “link”.
3. Crosscheck the URL
When using your card online ensure the website is where you actually intend to be. It pays to cross check and ensure you have not been with with something like https://g00gle.com instead of https://google.com or https://zenithbank.b.com instead of https://zenithbank.com. Often when fraudsters send you threatening emails about your card expiring or all your money about to be deducted from your account they would send URLs that look like your bank’s URL and count on your state of panic to lead you into clicking the link without really checking what you are clicking. Don’t panic, crosscheck the URL.
4. Minimize the Money
Keep as little money as possible in the bank account associated with your debit card. If in some way your account still gets hacked, you can ensure the damage is minimal by limiting the amount of money in that account. Alternatively you can ask your bank to supply you a debit card which you can fund directly. Ecobank and many others offer this service. This way you can control the amount of money on the card.
5. Use Multi-factor Authentication
Ensure you have Multi-Factor Authentication (MFA) on your Internet banking account. This just means that when logging in to your internet banking account or at least when making a transaction, the system should ask for your password (something you know) as well as for a one time pin (OTP, something you have). Your password is the first factor, your OTP which comes from a token or from an SMS on your phone is the second factor. We say the second factor is something you have because it is typically a token or your phone. It can be inconvenient to need to go through these protocols before completing a transaction but you need to be aware that it takes ONLY ONE HIT to rob you of a large amount of money in a matter of minutes.
6. Block Your Card
If you ever lose your card or accidentally expose the details in a manner that you consider risky, ensure you call your bank to block the card IMMEDIATELY. These days it is incredibly easy for criminals from remote parts of the world to clone your card once they have the details.
7. Be Careful with Terminals
A collegue of mine experience a certain business which has become popular in Nigeria last week. It involves making a Point of Sale (POS) terminal available during events so people can easily withdraw cash for the purpose of “spraying” dancers during the event. While this is an ingenious innovation in areas where Automated Teller Machines (ATMs) are distant, one must be very careful because if that terminal is compromised, you may not be able to trace the merchant or the device. These terminals can be modified to include functionality that capture your card details. If you are suspicious that a device is anything more than an ATM/POS, do not use it, period. It also pays to have two or three ATMs around your home or office you use regularly if you need cash, that way you are more familiar with them.
8. Block Your Mobile Phone Line
Given that most of us are also migrating aggresively to Mobile Banking an Mobile Apps, let me add a note on mobile phones here. If you lose your mobile phone, block the line immediately. Nefarious fellows can easily use your phone to onboard your bank’s Mobile app, get authenticated and then have access to your account. This can happen in a matter of minutes. A colleague of mine narrated this experience as having happened to his father just last week. He only got to know because his email address is tied to his father’s bank account. His father was completely oblivious of the transactions occurring on his bank account via the bank’s Mobile App which he himself had never used.
The above is not necessarily an exhaustive list of guidelines for staying safe with respect to the use of your cards and other aspects of digital banking/e-commerce. It is important to get even more education on these issus on the internet in the same way as you look for information on health, personal finance and the likes. The fundamental rules that show up in the eight points of this article are the need to be careful, be actively mentally engaged when using these facilities and to never act out of fear, panic or greed.
Kenneth Igiri is an IT Professional with over 14 years’ experience in Service Management, Applications and Databases currently working in the banking sector. he current works with the Enterprise Architecture Team in his organization helping to build the bank of the future. When not working, he blogs, writes and teaches Sunday School. He is active on Facebook, YouTube and Instagram.