Security & ID

African banks lead world in mobile security

Published on June 15th, 2016

An October 2015 report from Juniper found that over a billion phone users would have used their device for banking by the end of last year, and it expected this number to double by 2020. In fact, the uptake in emerging markets in particular required the company to revise its 2016 predictions to make allowance for the jump in users.

While international companies are certainly looking at the phenomenon and making sure that mobile forms part of their channel to market, many African companies are opting for a mobile-first approach, simply leapfrogging the traditional channel approach.

From a business perspective, banks understand the benefits of mobile banking and are actively driving its uptake. Mobile banking is ubiquitous, it’s self-service and low cost. Juniper has said that a mobile banking transaction costs a forty-third of an in-branch transaction, and we have heard some banks say that up to 60% of their operational costs go into providing for branch services.

What is interesting, though, is how African banks are placing security at the heart of their mobile strategies. They have good reason to do so. Security breaches threaten to build mistrust towards this innovative and low-cost channel, in turn slowing uptake and the ultimately impacting on the success of any mobile strategy.

According to Kaspersky Lab, the volume of malware targeting mobile users increased three-fold from 2014 to 2015. The RSA Online Fraud Resource Centre, meanwhile, has estimated that a phishing attack takes place every minute, with one in four of those attacks originating in the mobile channel.

The reality is that hacking has become a commodity. Malware is created and is then sold on the dark Web. Attackers move from region to region until consumers catch on or until the market is saturated. Hacking as a service is now a reality, with hackers even having service-level agreements with their customers.

The technology companies that have the advantage are those with a global footprint. They are able to identify and counter threats in one region, and then apply this to all of their global clients, staying ahead of the curve as far as possible.

Security remains high on the global CIO agenda and C-level executives are finally recognising its importance — none more so than leaders of financial institutions in Africa. Securing the mobile channel is mission-critical to client acquisition and retention. They understand that if a customer does not feel secure with an institution, they will either switch to another bank or stop using the service altogether.

It’s this understanding of the customer’s needs that really lies at the heart of the African banks’ strategies. If banks want to drive user uptake, nurturing trust must be a priority. If a potential or current user hears of a bad experience, not only are they less likely to try new services, but they may disengage from the banking platform altogether.

And it’s not only the African banks and mobile payments providers that are taking security seriously. African regulators are issuing directives to force banks to implement decent security. Regulators in Nigeria and Egypt are dictating to banks and ensuring that they use two-factor authentication with transaction signing and public key infrastructure.

The attitude of the African regulators is correct. If criminals broke into a bank and forced a vault open, would the bank’s customers be expected to cover the loss? The same rationale should apply to mobile banking. Demanding a minimum level of security is what regulating for the consumer is all about.

African banks have the right attitude when it comes to how seriously they take mobile security. All the numbers back up this business decision. Kenya’s Equity Bank is a case in point. Equity Bank’s mobile platform, Equitel, is showing significant growth. The bank reported that the number of transactions on Equitel had increased from an average of two transactions per customer per month to 21 transactions by September 2015. Moreover, figures released in March this year showed mobile transactions had reached 151m and that the total number of mobile loans accounted for 78% of all the loans disbursed during the year.

Internationally, businesses don’t yet understand the importance of Africa, and many of them wouldn’t even know what Equity Bank is. It’s arguably the biggest bank in one of the most mobile-centric and innovative markets, demonstrating some of the highest growth potential in the world. There is no doubt that international banks wishing to implement a successful mobile strategy would do well to take a lesson from our banks on the continent.

Schalk Nolte is an AlphaCode Gold Member and the CEO of Entersekt. *Entersekt engineered the first truly interactive transaction authentication system in the world. Their products help secure millions of transactions each day by allowing financial institutions and other enterprises to communicate interactively with their customers through that ubiquitous device, the mobile phone.