Per­sis­tent scams force banks to act

Business Day - - FRONT PAGE - Londiwe Buthelezi

SA’s ma­jor banks are re­view­ing their on­line se­cu­rity mea­sures to com­bat in­creas­ingly so­phis­ti­cated cy­ber­crime. Absa re­cently had to re­fund one of its clients the R3.1m stolen from his ac­count as a re­sult of SIM-swap fraud, but said this was an iso­lated in­ci­dent.

SA’s ma­jor banks are re­view­ing their on­line se­cu­rity mea­sures to com­bat in­creas­ingly so­phis­ti­cated cy­ber­crime.

Absa re­cently had to re­fund one of its clients the R3.1m stolen from his ac­count as a re­sult of SIM-swap fraud, but says this is an iso­lated in­ci­dent. It has had strong con­trols in place since 2017, says the bank, and cus­tomers who adopted the new safety fea­tures of­fered on apps and on­line, have not ex­pe­ri­enced SIM-swap fraud.

Last week, the case of a Cape Town busi­ness­man who had R3.1m stolen from his ac­count while he was out of the coun­try made head­lines.

On Fri­day, Ul­rich Janse van Rensburg, head of fraud strat­egy for the bank’s re­tail and busi­ness bank­ing said that for cus­tomers who had not adopted the new con­trols, it was now plac­ing holds on ac­counts where a SIMswap oc­curred. “SIM-swap fraud has been an iso­lated fraud type since the bank im­ple­mented the SIM-swap con­trols on the Absa bank­ing ap­pli­ca­tion,” said Van Rensburg.

Stan­dard Bank has adopted the same sys­tem, plac­ing a hold on ac­counts once it has de­tected a SIM-swap on cus­tomer num­bers linked to its ac­counts.

Capitec said its sys­tem can also de­tect SIM swaps if pro­vided by the cell­phone net­work provider. How­ever, Capitec has taken its se­cu­rity mea­sures a notch up by us­ing fin­ger­print reg­is­tra­tion on its bank­ing app to make sure the app is im­mune to SIM-swap fraud.

In its lat­est re­port, the SA Bank­ing Risk In­for­ma­tion Cen­tre said dig­i­tal bank­ing crime re­lated to SIM-swaps in­creased by 104% from Jan­uary to Au­gust 2018, com­pared to the same pe­riod in 2017, the high­est jump of all dig­i­tal bank­ing crime in­ci­dents.

This kind of fraud has be­come more so­phis­ti­cated. Apart from the known SIMswap scam, fraud­sters are now us­ing a rel­a­tively new twin SIM scam where they du­pli­cate peo­ple’s cell­phone num­ber onto an­other SIM card. They are able to di­vert cer­tain phone calls and SMSs to the new SIM.

Bank cus­tomers will also be able to ap­prove all debit or­ders against their ac­counts from Oc­to­ber 2019, said Stan­dard Bank. All banks are work­ing on im­ple­ment­ing a new sys­tem called De­biCheck, fol­low­ing the Re­serve Bank’s di­rec­tive to the Pay­ment As­so­ci­a­tion of SA to find a so­lu­tion to the is­sue of il­le­gal or in­cor­rect debit or­ders.

“As a first step, a cus­tomer s man­date will have to be ob­tained and con­firmed be­fore a debit or­der in­struc­tion can be ini­ti­ated. Cus­tomers will now have to elec­tron­i­cally con­firm the va­lid­ity of a debit or­der re­quest and con­firm this with their bank,” said Stan­dard Bank spokesper­son Ross Lin­strom.

The bank’s De­biCheck ca­pa­bil­ity is now live, he said, al­though at a con­trolled vol­ume level. At this point it is only used for early debit or­ders but all banks should have this fea­ture fully op­er­a­tional by Oc­to­ber.

In De­cem­ber, SA banks were again hit by a large-scale R99 debit-or­der scam which led to the likes of Capitec hav­ing to re­fund money to more than 25,000 cus­tomers. Capitec ex­ec­u­tive head of mar­ket­ing and com­mu­ni­ca­tions Fran­cois Viviers said while wait­ing for De­biCheck to be rolled out, the bank will fo­cus on cre­at­ing aware­ness with clients to re­view and dis­pute po­ten­tial fraud­u­lent debit or­ders.

It has en­abled cus­tomers to do this on their bank­ing app as well.

FNB Con­sumer Core Bank­ing CEO An­cley Ja­cobs said he be­lieves that De­biCheck, which the bank is pi­lot­ing, will pro­vide a needed break­through for the in­dus­try in re­duc­ing debit-or­der fraud. The bank has a proac­tive fraud­u­lent debit-or­der warn­ing sys­tem which alerts cus­tomers to po­ten­tial sus­pi­cious debit or­ders that are cur­rently run­ning, Ja­cobs said.

He added that FNB no­ti­fies cus­tomers ev­ery time a new debit or­der is raised for the first time, re­gard­less of the amount.

Newspapers in English

Newspapers from South Africa

© PressReader. All rights reserved.