Technological innovations come with its own misrepresentation of what safety and protection means for organizations, corporations and users as a whole. Creators of web applications and online products are rarely compelled to explicitly spell out the ramifications of confidential information seeping through the cracks of perceived “airtight” mechanisms in place to avert an invasion from external forces.
Vulnerabilities inherent in these tech products are as a matter of principle clouded by the exemplification of their tranquil abilities. In a bid to satisfy a need, outmaneuver and outbid competition in the field, orienting clients on the risks they are prone to are often an afterthought. In most cases, teething challenges and bug related issues are often shrugged off as technical issues which are telling of any tech creation. Hackers, as technologically savvy as they are, skillfully scale firewall and protective balustrade of apps by developers rendering it exposed to the barest minimum and to the detriment of users.
Cashless systems of payment advanced by mobile money operators have found not only some avid users of the product but has gained some equal level of attraction from fraudulent individuals. Operators are pursuing new investments and strategic partnerships to leverage data and innovative financial technologies, and to develop robust and interoperable payments systems to support a range of use cases and financial products.
By providing new products and services to customers, network operators are catalyzing the growth of the industry and increasing financial inclusion. GSMA report on mitigating common fraud risk asserts that, almost a billion people use mobile money to transact over $1.3 billion daily.
“While this growth over the last 10 years has created a significant economic and social impact on the lives of those living in poverty, the nature of financial fraud continues to evolve. Those with malign intentions have targeted mobile money providers and customers to steal personal information and money”.
Coupled with the financial loss and emotional stress affected customers go through, “providers also risk reputational damage”.
With every reprehensible activity perpetrated by these nefarious individuals, “an understanding of the most common and impactful frauds within mobile money” and the best practices required to mitigate these, play a key role in continuing to provide safe and reliable services for the future.
Candidly, when mobile money users lose funds fraudulently, it can lead to not just an erosion of trust in digital financial services but GSMA indicates that in its rawest form it has the possibility of prompting “a move back to using cash”, thereby, “undoing the gains achieved in financial inclusion and undermining the attainment of global development goals”.
Mobile money frauds creates liability and reputational losses for both mobile operators and financial service providers. While financial service providers can compensate customers for the loss of their money, the reputational losses suffered by providers are the hardest to recover due to the long-lasting negative perception that is created.
Managing fraud should remain an important objective going forward as the continued adoption of mobile money depends on customer’s perception of how safe their money is in the mobile money account.
Common and potential frauds in mobile money includes: Vishing/Smishing, where the use of phone calls or SMS to gather personal details such as account numbers, PINs or personal identification details are propagated. Others such as advance Fee scams, in which customers are duped to send funds under fake circumstances or promises.
There have also been instances of reversal requests, where customer requests to reverse transactions that were in fact successful.
In spite of this, mobile money providers should continue to make investments in technology, resources and training to respond to fraud threats, and regularly review whether existing controls are effectively aligned with emerging fraud threats.
For every pervading problems, there are twin solutions to help resolve them, and mobile money fraud isn’t exempt from this. Generally, risks posed by such tech related activities tends to be largely untraceable, mostly unresolvable due to the “wireless” and proximity imposed detriments. However, risk management is a key component to the commercial success of any business. Effective threat management underlies sustainable commercial growth because it protects two key commercial assets: reputation and revenue.
Mobile operators are familiar with managing risks on the GSM side of the business and those that have launched mobile money are aware that mobile money carries different kinds of risk – particularly the risk of fraud.
While the structure of managing fraud may differ, GSMA posits there is a common framework that is widely agreed to be the foundation to any risk management strategy in mobile money. The framework is composed of four elements that mobile money deployments use to manage risk, which are determine risk appetite, identify risks, and establish controls and monitor effectiveness.
“Specific risk management strategies vary from operator to operator. Strategies are affected by numerous factors including stage of development, organizational structure, number of product offerings, regulatory environment and local market context.
“As such, it could apply to many industries but our focus is how it is used in the mobile money context in order to highlight how operators mitigate the risk of fraud in mobile money”.
In determining the risk appetite, GSMA suggests operators successfully prioritize and control the risk of fraud by understanding their risk appetite, “which is a way of expressing what costs they would be comfortable to carry”. Given the dynamic and fast evolving nature of fraud, it is largely left to the providers to determine what might constitute appropriate mitigation. Be it as it may, the benefits of cashless system of payment far outweighs the cons of fraud activities. However, strategic implementation of measures to permanently deal with the implications of fraudulent activities on both the customers and reputation of network operators should be put at the forefront
