With more than $1.9 billion processed daily and over one billion registered accounts globally, mobile money is a massive industry. With strong growth coming from Africa, many analysts consider the region to be the epicentre of the global market.
PayPal’s recent announcement that it will expand its Xoom money transfer service to more countries on the continent this year makes it evident that there is still significant growth to come. But this also means that consumers must be aware of the security risks associated with mobile wallets and payments.
By 2019 there were 481 million registered mobile money accounts in Africa, making up 46% of global accounts. And with the COVID-19 pandemic resulting in lockdown conditions in many countries, even more people have turned to using mobile wallets instead of cash, as a safer option – from a hygiene perspective at least.
“While there is ample benefit to be gained from mobile money, spam, phishing, social engineering, and fraud all form part of the cyberattack landscape when it comes to this innovation. Threat actors are constantly coming up with more innovative tactics to compromise people’s wallets whether these pertain to traditional bank accounts or mobile wallets. It is therefore imperative that consumers remain vigilant and apply common sense to their transactions and engagements with mobile money services.”
Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa
While cash has long been considered “king”, mobile money and e-wallets have been growing exponentially in Africa over the past decade – and as the number of international and African players enter and expand into new markets across the continent. These provide a more user-friendly alternative to processing micro-payments and reduce the amount of cash people need to carry with them. And the expectation is that the region would exceed half a billion accounts by the end of 2020.
“Considering the significant growth and potential for mobile money and e-wallets, these payment platforms must maintain a high level of security and keep improving on it. Given the financial and reputational risk, no provider can afford to have its systems compromised. However, security is only as strong as the weakest link in the chain. And like all other digital solutions, this is often the end user. Education is therefore the most critical component of mitigating the risk of social engineering compromises from people opening malicious links, sharing sensitive information, or falling foul of fraudulent schemes.”
Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa
The report lists the following precautions to be taken:
- One of the best ways to avoid having a device being compromised is to avoid clicking on malicious emails, attachments, or other messages. Users must look out for red flags in communication from those purporting to be from service providers. For example, they need to be wary of grammatical mistakes, attempts to incite a sense of urgency or danger, e-mail addresses and links that differ from the official ones (even if just by one letter), and so on.
- Never trust messages unconditionally. It is imperative to check any potential issues through one’s personal account on the Website or in the mobile money app. This is especially important when it comes to messages confirming the crediting of funds.
- A user must also never use an unfamiliar delivery service especially when it comes to online purchases. Users must be careful of using alternative money transfer methods to the ones they are comfortable with. These are typically not covered by the protection programs of mobile money or money transfer applications.
- It goes without saying that users must never give out personal information beyond what is necessary for the transaction. This includes usernames and passwords.
“In many respects, it is still the ‘Wild West’ when it comes to mobile money and e-wallets. Even though the solutions are safely used by millions of people daily, hackers are always on the lookout for soft targets. Constant vigilance and education remain essential to safeguard against any potential compromises.”
Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa