E payment review, march 2018 by E-Payment Review

IYIN ABOYEJI ON FLUTTERWAVE'S DREAM TO UNIFY AFRICA'S FRAGMENTED PAYMENT SYSTEMS

Vol. 08. No. 01 March 2018

Cryptocurrencies How code became money and what it means for the future + INTERVIEW: Ibrahim Lamorde, Commissioner, Police Special Fraud Unit

1 /E-PAYMENT REVIEW/ MARCH 2018

Carrier neutral data centre and interconnection hub for all networks

M E D A L L I O N C O M M U N I C A T I O N S

NIGERIA'S TELEHOUSE THE ONE-STOP INTERCONNECT AND DATA CENTRE

Medallion operates technologically advanced and secure data centres that enable the hosting and localization of critical contents and services, and provides the platform for the exchange of telecom traffic (voice, data and video) amongst the different operators in the market. International Gateways / Submarine Cables GSM Operators CDMA/LTE Operators Fixed Line / Fixed Wireless Long Distance Providers Metro Fiber Providers ISPs, VAS, Content Head Office: 8a Saka Tinubu Street, Victoria Island, Lagos Email: contact @ medallioncom.com Phone: +234(0)8033471283 2 /E-PAYMENT REVIEW/ MARCH 2018

www.medallion.ng www.medallioncom.com

EPAYMENTREVIEW.COM

E-PAYMENT REVIEW Vol. 08. No. 01 | | Mar 2018

EDITORIAL Brown N. Ugbaja Editor Lucy Akokotu Assistant Editor

Lucy Akokotu E-Payment Review Manager Joy Obaji Administration & Membership

PUBLISHED BY THE E-PAYMENT PROVIDERS ASSOCIATION OF NIGERIA (E-PPAN) MANAGEMENT Onajite Regha Executive Secretary/CEO

TRUSTEES Adedotun Sulaiman Chaiman, Financial Reporting Council of Nigeria Tunde Lemo Former Deputy Governor, Operations, Central Bank Of Nigeria (CBN) Kyari Abba Bukar Chairman, Nigerian Economic Summit (NESG)

Kushimo Oluwayemi Strategy & Projects Manager

Senator Ayo Arise Chairman, Fortunes Games Limited

Adesakin Folasayo Conference Coordinator /Manager

Demola Aladekomo Chairman, SmartCity Resorts Plc & Director, Chams Plc

Babatunde Olaleke Communications Manager

GOVERNING BOARD Macaulay Atasie Managing Director, Nextzon Business Services

Folashodun Shonubi Managing Director, NIBSS Plc

Mitchell Elegbe Managing Director, Interswitch Transnational Onajite Regha Executive Secretary/CEO, E-PPAN Valentine Obi Managing Director, E-Tranzact International Chukwuma Ezirim Head, E-Business, First Bank of Nigeria Kofo Akinkugbe Managing Director, SecureID Nigeria Ltd

ALTERNATE BOARD Niyi Ajao Executive Director (Business Development), NIBSS Plc Eme Godwin Head, Legal, Etranzact International Bob Nwojo Head, Card Business, First Bank of Nigeria Gbenga Haastrup Group Legal Counsel, Interswitch

Agada Apochi Managing Director, Unified Payments Services

Ochanya Dan-Ugo Group Head, Enterprise Risk Management Unified Payments Services

Dele Adeyinka Chairman, CeBIH

Bami Akinlade Head, Information Technology, SecureID

In This Issue March 2018 4 | To Our Readers

10 Questions

6 | Emmanuel Ojo, COO of ChamsSwitch

Talking Points

9 | Mckinsey's global banking report, digits, VC investments in Africa's fintech 10 | Ecobank, Zenith partner Mastercard, CBN rules on bill payment, FG plans innovation centres, Ada the Diamond chatbot, IFM honours Union Bank, Voguepay and Interpol to fight fraud 11 | Medallion starts expansion, Akinboro gets rare honour, appointments 12 | Mauritius mulls fintech funding, Standard Bank and UnionPay deal, leaders back innovation, Ghana women lead business, Zimbabwe's love for e-payment, in short 13 | Thakkar's phone, MTN banking dreams, numbers, Tanzania takes hardline on debt, Google machine learning, Mastercard wants contacless, Uber stays put, blockchain spending

Startup Nation

14 | Flutterwave's CEO on Africa's disintermediation and his plans to end it

Profile

28 | ChamsSwitch capacity to build performance into

digital payment

NeFF Insight

30 | How security ratings patterned after consumer credit scores offer a solution to cyber threats

The Risk Report

32 | Defender Box 2, cryptomining malware drain enterprise CPU power, Security top EU future plans, new mobile authentication system coming, hackers can see your WhatsApp chat, 2017 was worst year in security history 33 | By the numbers, training for tech reporters, report shows people value security more, threat level,

Roundtable

34 | Boosting the efficiency of PoS system to aid small businesses

Cover

A virtual medium of exchange

We look at what goals virtual currencies hope to accomplish and what behaviours they might someday incentivize | 18

Crypto continent

An enthusiastic insight into why cryptocurrencies' surge is proving too tempting to resist by Africans who are poorly served by the traditional banking sector | 22

The butterfly effect Can digital currencies replace the physical cash printed by central banks – particularly in countries with established financial infrastructure? | 22

NIBSS Fraud Report

36 | Fraud landscape in Nigeria 2017

Trends & Tactics

43 | Egypt's prefers QR code, WhatsApp tests payment in India, Mobile PoS boosts sales for retailers 44 | Paypal MPoS, Campari magnet, payments in India, Acer prayer beads, Catholic church digital, UK open banking, blockchain KYC, Audi toll mobile, Swedes new found love for cash

45 | Fintech firms toning down the fighting talk, in brief, mobile transactions have huge pay day

The Gimlet Eye

46 | African start-ups struggle to find their feet in terms of user numbers

Interview

Commisioner of Police, Ibrahim Lamorde on the Special Fraud Unit commitment to cage cybercrimes | 24

ON THE COVER

Illustration by steemd.com

E-PAYMENT REVIEW (ISSN: 2360-9818) is published every quarter by the E-Payment Providers Association of Nigeria, 1 Rachael Nwangwu Close, Lekki Phase 1, Lagos. © Vol. 08 No. 01. March 2018. All rights reserved. The opinions expressed do not necessarily reflect E-PPAN’s policy. E-PPAN accepts no responsibility for views expressed by contributors. Printed in Nigeria. 3 /E-PAYMENT REVIEW/ MARCH 2018

To Our Readers

ITEDGENEWS / OLX / THEVERGE

Limiting our loss to fraud IN THE FIGHT AGAINST PAYMENT FRAUD, THE BAD GUYS SEEM TO BE winning. This past year, they stole an estimated N1.63 billion from banks and other financial institutions, that is according to the summary and analysis of digital payment frauds in 2017 released by the Nigeria Inter-Bank Settlement System Plc (NIBSS). That is a lot of money to let leak out of the payment system. Fraudsters launched an assault on both electronic and non-electronic platforms – across the counter, cheques, internet banking and Point of Sale. They even piled on the e-commerce sector’s troubles by making away with about N36 million. Mobile payment had a loss of N348 million. The ATM, long the darling of fraudsters because of its guarantee of easy access to cash, lost nearly N500 million. Though when compared with the three previous years, figures for 2017 appear to show a decrease in money lost to fraudsters despite an increase in fraud volume, a fact that is highlighted in the report’s executive summary. But a loss is still a loss no matter how much. N1.63 billion not only represents money that the industry may never see again, it stands as a signpost to fraudsters to keep trying. The 28% increase in reported fraud volume last year indicates an unrelenting attempt by criminals to circumvent the advanced detection and verification systems put in place by banks and payment services providers to protect customers. Something more needs to be done. Since digital payment gained momentum in Nigeria, the industry has put in place defense against fraud. From the introduction of EMV cards to terminals that read their chips to industry collaboration under the Nigeria Electronic Fraud Forum (NeFF) to the launch of a centralized biometric identification system for the banking industry in the form of the Bank Verification Number (BVN), there has been sustained efforts by the industry to forestall all forms of fraudulent attacks, preserve payment security information and enhance consumers’ confidence in electronic payments. The NIBSS Fraud Landscape in Nigeria 2017 acknowledged “the increased level of collaboration amongst stakeholders in the industry” and highlighted its importance in stopping N2.4 billion in attempted fraud last year. Now is time to open a new front in that collaborative effort in the form of Nigeria-wide awareness campaigns that would inform people about fraud threats and seek to put consumers back in control with straightforward advice on how to stay safe and help the industry prevent fraud. The industry’s public awareness efforts so far against fraud appear fragmented and inconsistent. All banks have mounted a variety of campaigns, which are not very extensive, or well-funded or well-researched and tend to feature half-hearted messages that somehow are not boosting the overall national impact on fraud reduction. Thus we are faced with a crazy quilt of disparate efforts whose collective impact on fraud is unclear at best, and minimal at worst. Our challenge is to bring larger scale, more consistency and bigger impact to these efforts. This has become imperative as recent reports have indicated that the major drivers of the rising fraud figures are social engineering schemes that result in compromise of personal and financial details arising from negligence, ignorance and greed on the customers’ side. The industry therefore needs to re-orient customers on their role in keeping themselves safe from fraud attacks. The Electronic Payment Providers Association (E-PPAN), long the cohesive industry voice against fraud and collaborative activity partner in fraud prevention and control, can lead this effort. Inside you will find the full fraud landscape report brought together with the experience and expertise of NIBSS. You will also find our interview with the Commissioner in charge of the Police Special Fraud Unit (PSFU), Ibrahim Lamorde. His views on the reluctance of victims (individuals and businesses alike) to recourse to his agency for investigations of fraud incidence exposes why apprehending the criminals have proven challenging. Pointing out that the fundamental nature of criminality in the digital age is changing in an unprecedented way, he wants the PSFU to engage and partner with the payment industry to fight fraud. We also spoke with Iyinoluwa Aboyeji, the chief executive of Flutterwave. His excitement about digital payment combined with his passion for what it can do for Africa are as equally palpable as they are infectious. You could see it in his smile and his inability to sit still as he discusses his company’s plans for the future and the continent’s raw deal in the hands of major global banks. Our cover is on the wild ride of cryptocurrencies – an educative meandering through the miasma of the true nature of virtual coins and an outlook on what they could mean for the future of money. It is my hope that you will enjoy this issue!

Executive Vice Chairman/CEO of the Nigerian Communications Commission (NCC), Prof. Umar Danbatta (seated 3rd from right) with the delegation of US Air War College who was at the NCC to studythe workings of the telecom regulator and identify areas of collaboration and partnership.

“We made a difficult but important decision in Nigeria to consolidate our operations between some of our offices internationally." - Lola Masha, Country Manager of OLX Nigeria, in a statement announcing the online classifieds site decision to shut down its Nigerian and Kenyan offices due to the difficult operating environments.

N29.44 trillion / 461,980,541

Value and volume of transactions done through digital channels by Nigerians in the last quarter of 2017, according to data from the National Bureau of Statistics. The ATM dominated transactions with a volume of 239,692,229 worth N1.8 trillion.

MIRROR, MIRROR, ON THE WALL This wacky gadget is a smart mirroe unveiled this January at the Consumer Electronics Show in Las Vegas. scan your face and tell you what’s wrong with it. It looks for wrinkles, red spots, pores, fine lines, and brightness levels. The mirror rates each part of your skin on a scale of 100 with 100 representing skin perfection.

POWER UP YOUR MAG! SEND US AN EMAIL

editor@e-ppan.org

If you've got a comment about our stories or an important issue regarding payment simply contact us.

BROWN N. UGBAJA, EDITOR 4 /E-PAYMENT REVIEW/ MARCH 2018

ADVERTISING

advertising@e-ppan.org 01 3426493, 0802 220 3534, 0703 974 1808

For advert rates and participating in special sections

E-mails should include the writer's full name, address, e-mail and phone number and may be edited for purposes of clarity and space.

5 /E-PAYMENT REVIEW/ MARCH 2018

10 Questions

Emmanuel Ojo Chief Operating Officer of ChamsSwitch on his company's value proposition, experiences that lured him into technology and the challenges facing Africa's tech sector HOW WOULD YOU DESCRIBE your company to someone outside the industry? ChamsSwitch is a subsidiary of Chams Plc established in 2008 to provide payment solutions and switching services to financial institutions with the aid of identity management platforms supported by the Federal Government. We have flexible technology models that can be integrated with any e-commerce or mobile system and offer payment solutions capable of processing closed and open card schemes. We provide high performance third party software that support a host of merchant services. The robustness of our payment system enhances the ability of organizations to offer innovative services to their customers. We offer a comprehensive array of services to help organizations meet their business goals. Our solutions that aid retail and corporate business needs include pre-paid/ debit/credit processing, P2P funds transfers, bulk e-salary and e-pension, airtime top-up and utility bill payment via web and mobile apps. At ChamsSwitch, we are driven by a passionate desire to support the CBN cashless payment campaign. What kind of role does Chamsswitch play in Nigeria’s payment ecosystem? ChamsSwitch has developed a payment and switch infrastructure to ease the process of funds transfer between banked and underbanked/unbanked customers. This is aimed at supporting the Federal Government’s initiative on financial inclusion. We have an online payment platform (www.naira.com) where consumers can purchase goods and services from numerous merchants within Nigeria through a multi-channel (web and mobile) interface. What were the top three factors that contributed to you working in technology? Firstly, when I was a kid, I always wondered how mechanical or electronic devices were designed and this got me into a lot of trouble back then as I ripped my toys apart to see what was on the inside. In junior secondary school, my inquisitiveness led me to fix a few appliances (TVs, video players and stereos) when they got bad. Secondly, I grew up playing video games like Atari, Commodore, Sega series, Nintendo series and others. Third, I had a

The enabling environment that can complement the implementation and sustainability of innovative solutions. Without improved infrastructure for network connectivity, power, identity management and security, a lot of creative solutions will be hampered. How do you maintain a good work/life balance? And does technology help you with that? At ChamsSwitch, we promote a culture of having our staff spend adequate time with their family, contributing to humanitarian services and having time for their spiritual wellbeing. These empowers our mental strength, which for me is the greatest force to navigate through a lifetime journey. What is one goal - either personal or professional - that you would like to accomplish during your lifetime? I am very inspired by Chams founder, Sir Ademola Aladekomo. He created a well-structured company that has been in existence for over 32 years and that was the first ICT company to be listed on the Nigerian Stock Exchange. Chams has earned global recognition and entered the Guinness Book of Records for creating the largest assembly of computer systems at a single location. This is very motivating and is personally a driving force for my passion for creating solutions.

particular family friend that used to develop game systems in the early 90s and he inspired me. Besides, I was a member of a mathematics students club in university. All of these contributed to my logical reasoning and problem solving skills till this very day. Many good folks that watched me grow made me realize that I had a thing for technology. What has been your biggest achievement in your career in tech so far? I have a great passion for designing enhancement features for existing systems that will ultimately reduce cost, improve efficiency and promote a brand. One of my exciting achievements was the auto activation of customers’ debit cards. Prior to this enhancement, the process was rigorously manual. I have also championed the implementation of a mailpay product that typically

enabled consumers to make purchases/bill payments via e-mail. Customers’ requests were automatically processed without any human intervention and their accounts were debited for services provided without the use of a debit card, mobile app or web app. The competition in the payment market is getting stiffer every day. How does your company separate itself from the rest? At ChamsSwitch we place a premium on understanding our customers’ needs to the point of providing them with solutions even before they request them. ChamsSwitch consistently provides value added services and innovative solutions at low cost. What do you see as the biggest challenge for tech in the next five years?

6 /E-PAYMENT REVIEW/ MARCH 2018

What piece of technology/software has made the biggest impact on your working life in the last five years? Mobile technology is it! Any solution that cannot be accessed through a mobile device will go extinct in a little time. My mobile phone not only acts as my bank and office on the go, it also supports my lifestyle, I can communicate with anyone around the globe via voice, video or text (email, SMS, chats) and capture memorable events What advice would you like to have had during your career (that you had to find out for yourself)? It would have been helpful for somene to have told me things like if you don’t fail, then you have not started working towards your goal. Or you can do anything you set your mind to. Or the only factor that can prevent this from happening is you. Let’s grow everyday by making a positive difference in the world.

7 /E-PAYMENT REVIEW/ MARCH 2018

8 /E-PAYMENT REVIEW/ MARCH 2018

Talking Points DIGITS REVERSE INCLUSION

63.5 million

Number of active bank accounts in Nigeria 2017, a reduction from the 65 million recorded in 2016, the NIBSS banking industry statistics shows.

59 million

Total number of bank customers in 2017, a drop from 61 million in 2016.

VERIFIED

41.3 million

Number of customer accounts linked to the Bank Verification Number (BVN), growing from 26 million in 2016, according to NIBSS

ENHANCING SME FINANCING Sitting from Left: Director General, Global Cooperation Department – Americas and Africa, China Development Bank (CDB), Jin Tao and GMD/CEO, UBA Plc, Kennedy Uzoka while standing are President of CDB, Zheng Zhijie and Chairman of UBA, Tony Elumelu, at the signing of a $100 million seven-year loan agreement between UBA and CDB that will enhance UBA’s capacity to provide financing to small businesses across the 19 African countries where it currently operates.

GLOBAL BANKING REPORT

Hitting payment outta the park

PARTECH VENTURES

McKinsey report calls African banking a hotbed of innovation and most exciting in world naming it the second fastest growing globally DRIVEN BY MOBILE MONEY AND A DIGITALfirst attitude by young people on the continent, Africa's banking landscape is “among the most exciting in the world” and “a hotbed of innovation,” according to a new study by management consulting firm McKinsey and Company, which found the continent's banking market is the second-fastest-growing and second-most profitable of any global region. Africa has emerged as the world’s number two banking market in terms of growth and profitability. Low banking penetration and income levels, as well as economies that are largely cash-based and viewed as a high credit risk, have long been considered major obstacles to the development of the continent’s banking sector. But the McKinsey report -- drawing on performance data from 35 of Africa’s leading banks and surveys of banking executives and customers -- said the number of banked Africans grew from 170 million in 2012 to nearly 300 million last year. That figure is expected to rise to 450 million in the next five years, with banking revenue rising to $129 billion from about $86 billion now. “Globally, the banking industry is facing disappointing returns and sluggish growth,” the report said.

“Africa’s banking sector provides a refreshing contrast. Its markets are fast-growing and nearly twice as profitable as the global average.” However, that growth is by no means evenly spread, either geographically or among income groups. Only five countries -- South Africa, Nigeria, Egypt, Angola and Morocco -- currently account for 68 percent of Africa’s total banking revenue. And about 60 percent of the total retail revenue growth of nearly $18 billion expected over the next five years will be concentrated in the countries named above. “Where you are in Africa matters - in a big way,” the report said. “About 65 percent of African banks’ profitability and 94 percent of their revenue growth are attributable to their geographical footprint.” And though only 15 percent of Africans had annual income above $5,000 last year, McKinsey’s research indicated that nearly 70 percent of retail banking revenue growth through 2025 will come from customers earning between $6,000 and $36,000. Meanwhile, heavy staff costs and labour-intensive, paper-dominated processes hold back productivity, the report said. Credit risk also remains a concern, with non-performing loans accounting for more than five percent of African banks’ portfolios. 9 /E-PAYMENT REVIEW/ MARCH 2018

AFRICAN STARTUPS RAISED N201B FROM INVESTORS ACCORDING TO RESEARCH FROM Partech Ventures, $560 million in venture capital funding was invested in African startups in 2017. That's an increase of 53% from $366,8 million in 2016. The total amount was achieved by 124 startups through 128 rounds of funding. African entrepreneurs are using tech to tackle the continent's challenges and are attracting funding in the meantime. The continent's major urban centres -- like Nairobi, Lagos and Johannesburg -- have been abuzz with incubation hubs, tech entrepreneurs and developers creating, what they hope will be, the next big app.

Talking Points - Nigeria MASTERPASS QR BOT

Ecobank, Zenith in pilots for Mastercard Messenger bot

DIGITAL TRANSFORMATION OF TAX ADMINISTRATION L-R: Special Adviser to the Governor on Revenue and Tax, Fola Lasisi; Chairman, Lagos State Internal revenue Service, Ayo Subair; Lagos State Governor Akinwunmi Ambode; Managing Director, Guaranty Trust Bank, Segun Agbaje; Commissioner for Finance, Akinyemi Ashade; Assistant General Manager/ Divisional Head, Lagos State Public Sector, GTB, Sherifat Dawodu at GTBank Opebi, Ikeja, to flag off the Lagos e-tax payment campaign. The programme is to encourage Lagos residents to pay taxes digitally. At the event, Agbaje assured that the elimination of middlemen in the tax payment structure will reduce fraud and give government immediate value for all tax remittances. GTBank, he said, will collect the different taxes payable to Lagos State.

REGULATION

BRANDCRUNCH / CFATECH.NG

CBN unveils rules on bill payments THE CENTRAL BANK OF NIGERIA (CBN) has described a payment service provider as a person licenced by it to provide services involving direct interactions with the payment, settlement and clearing systems, and may include a bank, mobile money operators or other financial institution connected directly to a biller without any service intermediary. This was contained in new rules it released for bill payment governance that it said will help Nigeria realize the vision of a ‘nationally utilized and international recognized’ payments system as well as ensure adequate protection for stakeholders in the bill payment space. The regulation covers bill payments on digital channels and platforms that seek to integrate the payment side of commercial activity and merchant aggregators in Nigeria. The payment methods include cheques, cards, direct debit, instant payments, and automated clearing house. According to the regulation, payments shall be final and irrevocable and be consistent with the provision of the circular on the statement of payments finality. Also, it stated that requests for refunds or recalls shall be via a dispute resolution system or other supplementary rules that guide the operations of the relevant payment method. “Service Providers shall make an automated dispute resolution platform available to facilitate seamless resolution of complaints. Disputes arising from Bills Payment transactions shall be resolved amicably amongst the parties in line with the provisions of the guidelines on Operations of Electronic Payment Channels in Nigeria,” it added.

MASTERCARD WILL USE FACEBOOK MESSENGER to drive affordable acceptance of electronic and mobile payments in Africa by piloting a new Masterpass QR bot that businesses can use to accept QR payments. The Messenger experience will initially launch in Nigeria, and will be supported by Ecobank and Zenith Bank, with the Nigerian pilot signalling the start of a larger plan by the two companies to include more businesses into the digital economy. Peter Amangbo, MD/CEO of Zenith Bank, said his bank is focused on digital collaborations and innovations that will enable its customers to fit banking into their lifestyles, make payments more seamless and promote business growth. Patrick Akinwuntan, Ecobank's group executive, consumer banking, said the partnership syncs with his bank's objective of serving 100 million Africans by the end of 2020. To get started, businesses can send a request to the bot to enable QR payments, receive approval from the bank, set up an account and start accepting digital payments. Once the account setup process is complete, business owners can print and display the QR code in their stores or save the code on their phones. Customers can then pay by either scanning the code from their smartphone or by entering the merchant ID associated with the QR code into their feature phone.

FG to put ICT centres in geopolitical zones

IOT INNOVATION

Chatbot banking

Union Bank named fastest growing in retail

THE FEDERAL GOVERNMENT has approved the establishment of UNITeS Cisco academy and Internet of Things innovation centres in schools in the six geopolitical zones of the country. Malam Adamu Adamu, Minister of Education, said this at the inauguration of the UNITeS CISCO Internet of Things (IoT) Networking Academy at the Federal Government Girls College, Bwari in February. “The facility would also be located at Queens College, Lagos; Federal Government College (FGC), Enugu; FGC Bauchi; FGC Benin, and FGC Kano,” he said. Toyin Olatayo, the Cisco Academy Support Contact, said the centre if properly harnessed, would transform the school into a smart school teaching and learning.

DIAMOND BANK HAS unveiled Ada, a Chatbot that uses AI technology to provide a human-like interaction and personalized experience for its customers. As Ada learns from past interactions, the bank can offer more relevant and timely solutions that are really simple for customers to use. “Ada will allow us to further digitalize the mobile banking process and create an increasingly customized mobile banking experience for our millions of customers, said Uzoma Dozie, CEO of Diamond Bank.

UNION BANK WAS NAMED ‘THE fastest growing retail bank in Nigeria’ at the International Finance Magazine (IFM) Awards ceremony in Dubai in January. The awards shine the spotlight on organizations and individuals who make contributions that raise the bar in the financial industry. Carlos Wanderley, head retail banking at Union Bank called the honour a “a recognition of our commitment and efforts to build a truly customer-centric bank." Union Bank is considered a trusted financial partner for Nigerians with over 100 years heritage of reliable banking services in the country. Following an extensive transformation programme which started in 2014 and involved the upgrade of its processes, platforms, technology and facilities, the bank’s active customer base grew by over 40 percent in the last two years.

IFM AWARDS

BLOCKCHAIN TECHNOLOGY

VoguePay partners Interpol on crime control

ONLINE PAYMENTS PROVIDER VOGUEPAY AND THE INTERNATIONAL CRIMINAL Police Organisation (Interpol) are launching a blockchain-based crime control platform in Nigeria. Called interPort, The platform will obtain information and manage stakeholder involvement and crime reporting. “The partnership with VoguePay will help the agency to increase the safety of Nigerians, and to protect the economy while enabling citizens and businesses to comfortably embrace available technologies to grow their businesses, increase their profits, and create more jobs,” said Olushola K. Subair Interpol Commissioner of Police in Nigeria.Thanks to its experience in payments security and blockchain implementation, VoguePay will enable Interpol to increase citizen engagement and cooperation with partner networks to curb crime in Nigeria. “Blockchain technology is the next evolution in identity management and by leveraging it, Interpol is now better positioned to offer cross-agency data and biometric management,” said Michael Simeon, CEO of VoguePay. 10 /E-PAYMENT REVIEW/ MARCH 2018

DATA CENTRE

Medallion expands to Enugu, others MEDALLION COMMUNICATIONS is expanding its interconnect and data centre infrastructure to Enugu, Port-Harcourt, Ibadan, Kano and Asaba in an effort to accommodate more service providers in other parts of Nigeria. Ikechukwu Nnamani, Chief Executive Officer of Medallion told Nigeria Communications Week the expansion, which would be in phases will help boost the experience of telecom users across the country. He said that the expansion is majorly part of the company’s plan to fortify its readiness for a possible surge that would be experienced by infrastructure companies as a result of the advocacy for local hosting of data and content. According to him, Enugu and Port-Harcourt would start operations in the early parts of 2018, while Ibadan, Kano and Asaba will be operational before the end of third quarter this year. RECOGNITION

Akinboro selected to join prestigious group

789MARKETING /CELLULANT / VISA

BOLAJI AKINBORO, CO-FOUNDER of Cellulant Corporation and CEO of Cellulant Nigeria, has been selected to join the Endeavor Global Entrepreneurs Network, a high-impact entrepreneurship movement that supports organizations to have prime opportunities for growth. This is as his company was granted a payment solution service provider license by the Central Bank of Nigeria. Endeavor regularly screens thousands of entrepreneurs from around the world to identify those with the potential for impact. In the past two decades, Bolaji has focused on creating impactful projects across Africa. He led the execution of the growth enhancement support scheme project; an agricultural subsidy programme of the Federal Government that enabled the disbursement of fertilizer and other agricultural inputs worth N360 billion to rural farmers through an e-wallet platform.

Briefly

Over nine million subscribers in the country have activated the DoNot-Disturb (DND) facility to stop unsolicited text messages to their phones, according to Prof. Umar Garba Danbatta, executive vice chairman, Nigerian Communications Commission.

Appointments

N1trillion

Value of transactions processed through First Bank's 894 USSD service, with N3 trillion in transactions projected to be processed in 2018. Customers using the service grew by about 250% in 2017 to over 4.5million. The bank plans to reach a target base of 6.5million before the end of this year.

Analysts at Counterpoint Research expect the smartphone market in Nigeria to grow in double digits in 2018, driven by the entry of new players and changing OEM strategies. The feature phone market grew 15% annually, offsetting the smartphone decline in 2017, due to the recent economic recession.

$300 billion

Projected value of international digital peer-to-peer remittances conducted via mobile and online platforms globally by 2021, up from an estimated $225 billion in 2018, says a new study from Juniper Research. The World Bank estimates that global remittances will grow by 3.4% to $616 billion in 2018. Nigeria and other SubSaharan Africa, with an average cost of 9.1%, remains the highestcost region, it said.

Mike Ogbalu III

CEO of Interswitch subsidiary, Verve International MIKE OGBALU III IS THE NEW CEO of Verve International, one of the subsidiaries of the Interswitch Group. He replaced Charles Ifedi, one of the pioneer staff of the company who was appointed Verve CEO in 2013, when the Interswitch made the subsidiary autonomous. “We are very confident in the future of Verve and Interswitch as a group with Mike Ogbalu stepping in," said Mitchell Elegbe, CEO on the appointment. "His drive and passion for innovation and operational excellence is an asset that will help strategically steer Verve along the right paths for future” Before the appointment, Ogbalu

ZAKARIA HERSI The former Managing Director of Efritin has been appointed by Truecaller as its Director of Partnerships for Africa and will be operating from the integrated caller ID service's African headquarters in Nairobi, Kenya. The company revealed that Zakaria will be leading Truecaller’s expansion in the region where he would forge partnerships with various ecosystem players. OLUWASEUN OYINSAN A one-time banker with Guaranty Trust Bank and consultant at global market research firm, Forrester, Olu is now the vice president of investments at Ingressive

11 /E-PAYMENT REVIEW/ MARCH 2018

was the divisional CEO of Interswitch Financial Inclusion Service (IFIS) Trading as Quickteller Paypoint, IFIS serves as the interconnect point and infrastructure for integrating and delivering electronic payment services to the unbanked and under-banked. Under his leadership, IFIS successfully increased the availability of digital financial services in excluded locations in Nigeria, with Quickteller Paypoint crossing the 10,000-agent milestone in its first year of operation. Ogbalu is passionate about improving the life of millions of Africans by working with partners to provide access to cost-effective financial products and under his leadership, it is expected that Verve International will continue to break bounds, pioneering technology and raising the bar in card services in Africa and beyond.

Capital where he will lead due diligence and support deal origination across Sub-Saharan Africa. Ingressive led by Maya Horgan-Famodu, an ecosystem architect, is easily known as the company that brought top global accelerators and investors to explore the startup scene in the region. ANDREW TORRE Visa Inc. named Torre Regional President for its Central and Eastern Europe, Middle East and Africa (CEMEA) region, based in Dubai. He previously led Visa’s SubSaharan Africa business but will now oversee operations in more than 90 countries across CEMEA.

Torre is a Visa and payments industry veteran, with deep experience across the markets that comprise Visa’s CEMEA region. Having previously worked with the World Bank in Kiev, Moscow and CIS territories, he has been with Visa since 2002, holding global roles in product, strategy and pricing, as well as general manager roles in Russia and SubSaharan Africa.

Talking Points - Africa STARTUP REGULATION

In Short

Financial authorities in Mauritius are considering the establishment of a sovereign fund to provide seed capital for fintech development in the island nation. The idea was floated at the first meeting of the Financial Services Regulatory Committee, a seven-member conclave established to position Mauritius as a regional hub in the field of fintech regulation. The sovereign fund is viewed as a means to attract startups to Mauritius and promote the nation as an open and transparent regulatory regime for fintech. Alongside a tweaking of the financial rulebook, the panel also dicsussed plans for light-touch regulation of blockchain-related activities to encourage its development and recognise its potential economic benefits.

Kenyan bitcoin startup BitPesa has acquired TransferZero, a Madrid-based online money transfer platform, which operates in over 200 countries using more than 50 currencies.

Mauritius makes plans for sovereign fintech fund

ENTREPRENUERSHIP

Ghana leads in women business owners

AFRICA'S FLAGSHIP FINTECH EVENT Naeem Seedat, Vice President Africa and Diversified Markets at consumer credit reporting agency, TransUnion, talks to Chris Skinner, CEO, The Financer about innovation during one of the lightbulb moment sessions at the Third Dot Finance Summit in Kigali, Rwanda. More than 350 experts in finance and information technology attended the two-day summit to deliberate on how best to advance financial technology in Africa.

GHANA HAS THE HIGHEST NUMBER of women business owners worldwide, according to the recent MasterCard Index of Women’s Entrepreneurship (MIWE), which said 46.4% of private businesses in Ghana are owned by women. The MIWE is a weighted index that helps to better understand and identify factors and conditions that are most conducive to closing the gender gap among business owners in any given economy. It examined 57 different economies around the globe. Uganda came in third, with 33.8 per cent of businesses owned by women. The report also noted that whereas Africa leads the rest of the world in terms of the percentage of women business owners, the continent fell short when it comes to the best conditions that support women entrepreneurs. MOBILE MONEY

CARDS SOLUTIONS

Cash strapped Zimbabwe forgoing notes and coins

IN A DUAL DEVELOPMENT SET TO transform Africa’s access to China as well as simplify the ability of Chinese business owners and travellers to transact in Africa, Standard Bank has signed an agreement with UnionPay International to accept UnionPay cards in multiple African markets. “African entrepreneurs and importers of Chinese goods and services have, traditionally, had to travel to China carrying foreign currency in cash for conversion into renminbi,” explained George Lo, Executive Head: Pan Africa China Banking at Standard Bank. Going forward, Standard Bank cards or online transaction solutions will provide

ZIMBABWE HAS SEEN A PHENOME-nal rise in mobile, electronic and internet payments owing to liquidity and foreign currency shortages in the country. with more than 96% of the $97.5 billion - from the 1 billion transactions - processed in the country in 2017 going through electronic and mobile banking systems, according to John Mangudya, Governor of the Reserve Bank of Zimbabwe in his 2018 monetary policy statement. Banks in Zimbabwe have been boosting their online banking platforms, with Standard Chartered, Barclays Zimbabwe and others making progress, according to Zimbabwe banking sector insiders. Econet Wireless Zimbabwe's mobile payment platform, EcoCash has grown while Telecel Zimbabwe's Telecash and NetOne's own version are also active on the market.

Standard Bank partners UnionPay to provide Africa with cashless access to China access to all UnionPay-enabled platforms in China, and Africans dealing with China will no longer need to travel with cash. Instead, “they will soon be able to purchase goods directly from suppliers throughout China at the swipe of a card,” Lo said. From an African perspective, the agreement with UnionPay International provides Africans with direct access to China, including China’s highly developed electronic and mobile transaction platforms. Standard Bank card holders will be able to access China’s ecommerce marketplace, allowing African traders to locate and select goods remotely and then pay for them electronically via their Standard Bank cards.

Paris-based VC firm Partech Ventures raised $70 million for an Africa fund and opened an office in Dakar, Senegal. The firm - with more than 250 investments and 45 exits globally - pooled financial support from partners such as IFC, European Investment Bank and Averroes Finance III. E-commerce startup Mall for Africa has expanded into 11 new African markets (Angola, Chad, Guinea, Botswana, Tanzania, Uganda, Malawi, Egypt, the Democratic Republic of Congo (DRC), Senegal, and Sierra Leone) in response to increased demand for its patented platform. A new tax of 0.5% has been introduced on money transfers made through telephone companies in Cote d’Ivoire or their intermediaries, and relates particularly to remittances, according to the 2018 Tax Schedule.

68%

Countries in Africa and the Middle East that have now made the switch from legacy magnetic stripe payment card technology to EMV2016, according to EMVCo.

THE NEW TIMES

Africa's leaders commit to support youth innovation AFRICAN MINISTERS AND HEADS OF DELEGAtions at the third Forum on Science, Technology and Innovation (STI) in Africa in Cairo, Egypt have committed to support the continent’s youth to build tomorrow’s society through innovation. Science, technology and innovation is also expected to be high on national, regional and continental development agendas, according to the “Cairo Declaration” made at the end of the Forum. At the Forum's opening session, attended by the President of Egypt, Abdel Fattah el-Sisi, African Ministers, researchers and partners, the African Development Bank President Akinwumi Adesina said “Africa needs to pro12 /E-PAYMENT REVIEW/ MARCH 2018

mote a culture of innovation driven by Africa’s youth.” The Forum pledged to support the development of an African Education Fund to attract sustainable financing in collaboration with the African Development Bank, the Islamic Development Bank and other financial institutions. The Declaration also committed to design and adopt policies that promote gender equality in education and higher education in Science, Technology, Engineering and Mathematics (STEM) in particular, and in student participation, teacher training, professional development, academic and administrative staffing, and research and development.

NUMBERS

453,329,534

Mara Corporation, the conglomerate founded by Ugandan entrepreneur Ashish J. Thakkar, is launching a new smartphone this year, which aims to be a low cost, high quality and super efficient device tailor-made for the African continent.

Counting on the rise of mobile money and payments via cellphones, MTN wants to be Africa’s biggest bank in the near future. Its CEO Rob Shuter made the declaration at the Deloitte Africa in 2018 Outlook conference in Woodmead, South Africa this January.

Internet users in Africa as at December 2017, according to Internet World Stats. Africa mobile subscriptions are forecast to be 638 million by 2025.

240, 000

GSMA estimates of telecom towers in SubSaharan Africa with the number expected to reach 325,000 by 2020.

Tanzania’s President John Magufuli has told the country’s central bank not to bail out struggling banks as it tries to control rising bad debts in the sector. A spike in non-performing loans has hit bank profits and choked off new lending to the private sector.

Google has created a new feature that employs machine learning to sort and organize job listings from a range of employment sites so that job seekers in Kenya, Nigeria and South Africa could find employment by just typing ‘jobs’ into Google search.

CHIP AND PIN

Mastercard bets all on contactless card

MASTERCARD IS SETTING THE TONE FOR greater payment consistency with an initiative to make “tap and go” standard in the next five years. It is pushing for changes that would enable consumers, merchants and governments around the world to take advantage of contactless card payment technology. "Our vision is a world where everyone can simply and safely tap their card or device when paying in a store and quickly be on their way,” said Ajay Bhalla, Chief Security Solutions Officer at Mastercard. Today, consumers are able to pay with a simple tap in over 8 million locations across 111 countries and hoping to accelerate further adoption, Mastercard has established a roadmap to it goals. By October this year, it will require new payment terminals across Europe, Latin America, Asia Pacific, Africa and the Middle East to be EMV chip and contactless enabled while new cards and merchant terminals will follow by April 2019 and April 2023, respectively.

PLANTING SEEDS OF ICT From left to right - Managing Director, Huawei Representative Office at Kisementi in Kampala, Liu Jiawei; assistant commissioner for the Communications and Information Management Unit at the Ugandan education ministry, Patrick Muinda; Deputy Chief of Missions Chinese Embassy in Uganda, Chu Maoming; Head of Innovations, Makerere University, Karuhanga Beraho and acting commissioner for higher education in the ministry, Muzanilu Mukwatampola at the launch of the 2018 Seeds for the Future Programme that selects top Ugandan students in ICT-related courses for a study trip in China.

EXIT RUMOURS

MARKET RESEARCH

UBER IS STAYING IN AFRICA DESPITE speculations that surfaced last year when a board member of its biggest investor, Softbank, encouraged the company to focus on markets such as the U.S., Europe, and Latin America. “We’re fully committed. We’ve got a successful and growing business across Sub-Saharan Africa; we’ll continue to grow that and hopefully add some further expansion,” said Alon Lits Uber's General Manager for Sub-Saharan Africa who touted the company's aims to be “everywhere for everyone” . The ride-hailing service is adding new products across operations in Nigeria, Kenya, Ghana, South Africa, Egypt, Uganda, and Tanzania. It is working with Kenyan startup OkHi on an image based direction app for its drivers in Nairobi.

SPENDING ON BLOCKCHAIN SOLUTIONS IN THE Middle East and Africa is set to more than double this year, according to insights from global technology research and consulting firm, International Data Corporation (IDC). Its recently launched Worldwide Semiannual Blockchain Spending Guide shows spending in the region totaling $80.8 million for 2018, up 107% on the $38.9 million spent in 2017. "There is clearly an immense amount of interest around distributed ledger technologies in the region," said Megha Kumar, IDC's research director for software in the Middle East, Africa, and Turkey. "This is being driven by the pressing need for organizations to improve their efficiency, agility, security, and integrity. In 2018, we expect more organizations across MEA to move beyond the evaluation and proof-of-concept phase to pilots and even deployments." Looking further ahead, IDC expects blockchain spending in MEA to reach $307 million in 2021. While various industries are evaluating the use of blockchain, IDC research suggests the region's public

JAMII MOJA / TIC MAG / HOT IN JUBA/ PCTECHMAG

Uber not pulling out of African markets

MEA blockchain spending to double in 2018

13 /E-PAYMENT REVIEW/ MARCH 2018

sector (including government, education, and healthcare) will spend an estimated $120.8 million in this space in 2021, accounting for 39.2% share. It will be followed by the financial services sector at 35.5% and the distribution and services sector at 14.1%. The most popular blockchain use cases in 2021 will be cross-border payment and settlements, assets/ goods management and identity management, with IDC expecting these three alone to account for 33.1% of MEA blockchain spend in 2021. The forecast shows services (IT services and business services) accounting for 52.7% of MEA blockchain spending in 2021. Blockchain software platforms will be the biggest and fastest-growing category in the software space over the coming years, while cloud will be the fastest-growing component in terms of hardware. IDC's Worldwide Semiannual Blockchain Spending Guide quantifies the emerging blockchain market by providing spending data for ten technologies across 19 industries and 14 use cases in nine geographic regions.

Startup Nation

THE FLUTTERWAVE REVOLUTION OR (HOW TO AID AFRICAN BUSINESSES TO EXECUTE ON A GLOBAL SCALE) Journeying with serial entrepreneur Iyinoluwa Aboyeji, CEO of Flutterwave, into his company's dream to make Africa a big part of the world's digital economy

FLUTTERWAVE

BY BROWN N. UGBAJA

TO KICK THIS OFF, COULD YOU PLEASE give us a brief introduction about yourself? A lot of our audience knows about Flutterwave. For those who don’t, can you give us a quick overview of the company? Flutterwave is a payment technology company that supports banks and businesses to build seamless and secure payment experiences for their customers. We do this primarily by building technology tools and infrastructure that enable Africans, banks, businesses and consumers to connect to the global economy. The idea is that the world has changed and over the last twenty years; we have moved from globalization to the digitalization of the global economy. Somebody can now sit in his bedroom in Lagos and be running a global enterprise. Unfortunately, our financial and payment infrastructure doesn’t support businesses like that. Even something as simple as paying for Amazon web services is very difficult to do if you’re using a Nigerian bank. What we are trying to do is build a payment infrastructure that can support different use cases for businesses and individuals who want to do business across Africa and all over the world. Before I came aboard Flutterwave, I was cofounder of Andela. We focused at the time on building the next generation of Africa technology leaders by finding raw talent and supporting them to become world class software engineers that can work with companies like Facebook and others to build software remotely. Today, we’ve gone from very humble days of four people to about eight hundred people and attracted investment funds and a number of global players including Mark Zuckerberg. In general, what I’m passionate about is how to support the building of core digital infrastructure

and leveraging data and automated processes to scale innovation for digital transformation in Nigeria first of all and across Africa. I’ve heard these from many CEOs before; all of them saying they want to build digital infrastructure to help develop Africa. What really stands Flutterwave apart in this? What sets us apart is that we execute, we are not a talk shop. We came into the industry in 2016 and in just two years we’ve gone from 0 to 200 billion in transactions processed; we’ve also gone from 0 to over 30 million transactions and last year we recorded our first billion naira in revenue. These just go to tell you that we are not a team of talkers but professionals. We are very focused on building systems, processes and people who execute fast or even faster than the industry is comfortable with. Our secret ability to do that quickly is based on three things. First is our intense focus on our customers, which are banks and businesses. The second is our huge focus on applying technology to solve problems. When we came to the industry, the country faced a forex scarcity. We supported a team within our outfit to build something that helped people who wanted to pay for Netflix and iTunes subscriptions to be able to load a virtual card online to do it. The last is collaboration. We are one of the few companies that easily pass what we call the API test. Our API’s are open and anyone can build on them. Obviously going live is a function of your regulatory preparedness as well as our risk comfort levels with you. However, there are spaces open for anybody to experiment. We even work with people that could be considered our competition to deliver result to our costumers be14 /E-PAYMENT REVIEW/ MARCH 2018

cause they always come first. We’ve collaborated with Interswitch on Verve payment and also with other payment platforms around POS payments. We collaborate around card payments with a lot of other players. We even work with banks that some people think are competitors even though we exist to serve them. These are some of the things that distinguish us in the market and have allowed us to move quickly while others are spinning their wheels. You didn’t mention your infrastructure as one of your strengths. Can you go into what your payments infrastructure actually looks like? Infrastructure is our core business. We understand payment infrastructure from the top down. The biggest players in this market are still leveraging foreign switching technology to push their business. For good or for bad, that’s what the industry was built on but we developed our own switching and routing technology which is far more efficient. We have the ability to do about twenty-five thousand transactions per second with our switching technology and it’s not built on blockchain. It is the work of Nigerian payment engineers with lots

of experience across many banks coming together to build something that is the core of our platform. We leverage it to support our banking partners so they can optimize their switching and routing stack. We make it a personalized service for the banks to help them improve their internal operations. Everything that we deal with is really built on our ability to support the acceptance, the tracking and the making of payments via that core infrastructure. In one of your interviews that I read online, you said that Flutterwave hopes to pave the muchneeded way for Africa’s economic future. What do you mean by that and how are you going to do it? Africa is a continent with a lot more potential than it lets on for a whole bunch of reasons from leadership to infrastructure to investment. At the root of Africa’s potential is its human capacity - young and talented youths who are ready to innovate the way to the future. If you look at the demographics of the world, over 50% of the world’s working population will reside in Africa over the next 35 years. But one challenge we see today is that Africa

lacks the financial capacity to be part of the global economy. We spend more than any region in the world on the cost for money to come in or go out. We face significantly more challenges being able to transact globally. What we are trying to do, from a technology perspective, is to make sure that payments going from Nigeria to Ghana are not routed through Belgium. We want to create a unified platform for digital commerce in Africa and then leverage that platform to push Africa’s prosperity forward. We are now able to leverage optimized payment infrastructure to serve more people than we were able to do with the traditional banks. We have mobile phones, we have data and we have technology that allows us to enhance traditional models of doing things. Most importantly, we don’t have any other option if we want to scale to serve our people. So when I say Flutterwave will drive Africa’s economy forward, what it means is that we want to help with that core infrastructure to drive the most meaningful interaction that businesses have with their consumers which is payment. How did you gain knowledge of the CEO role 15 /E-PAYMENT REVIEW/ MARCH 2018

and how have you expanded your knowledge as your company grew? It’s been crazy. At Andela I wasn’t CEO, I was just the person on the ground so that role was slightly different because it was about coaching and recruitment. I handled more of the recruitment. At Flutterwave, I’ve been CEO for a while and it’s been an evolution really. When I came into this industry I didn’t know anything about payment. A lot of people find that very hard to believe. I didn’t even know what an acquirer was. But I was able to develop myself by listening to people and I still have a lot of mentors in the industry who help support my team. People in the banking industry have been kind. Even those we consider competitors in the switching and payment industry have supported us with knowledge and advice at critical points. We exchange knowledge and figure out a balance that works for us and if it doesn’t work we go back to the drawing board and look at it again. My role as a CEO has changed a bit. In the first year, our priority was making sure we were well-financed because as sexy as payments sounds, it’s still very treacherous. We face a lot of challenges especially with fraud so you need to be well-funded and you

Startup Nation need to give banks enough confidence in your ability to absorb pressure. We spent a lot of our first year making sure we were well-capitalized for the journey. Now my role has evolved not merely from the point of view of making decisions but also teaching our team how to make decisions in ways that optimize the allocation of capital. It involves helping the team to understand what matters and how to react to market conditions and situations. My hope is to create a culture where everybody can make decisions that are in the best interest of the company.

FLUTTERWAVE

Part of the capitalization was the $10 million you raised in a Series A funding round led by investors that include Greycroft Partners, Green Visor, Y Combinator and Glynn Capital. What kind of funding advice would you give to new entrepreneurs thinking about starting a fintech company? First thing is proving you are not a talking shop. Oftentimes we interact with future entrepreneurs who have great ideas, but investors generally don’t invest in ideas they invest in a business. That means you must do some research and develop the business. We put our life savings into this company to make it work. We brought in our family and friends to support us on the journey because we found that starting a company is not cheap. Though it was hard, our vision was to perfect our product in order to go to the market and we found other people who believed in what we were selling and agreed to work with us. My advice is to get started, do the next logical thing. Don’t make finding funding the main focus of the business. Build the business; perfect your product or service and as you start to do that others will latch onto the business and they’ll be encouraged to invest. The thing is we didn’t actually go to the investors for capital. For that round, they came to us because we kept a group of investors informed about our progress and they saw how fast we were growing and said 'no we have to invest now otherwise by the time they come back to us in 3-4 months the opportunity would be more expensive.' So they literally forced us to make a deal but that came from following our own path, leveraging whatever capital we had and doing our work. In the investment process we were very disciplined in adopting a process and maintaining records from day one. Many of our investors were very impressed with how organized our documents were and we went into business with the most thorough investors in the world. They were very impressed with how well we kept records and have policies and procedures and that helped a lot with the investments. It is really impressive that you did a lot of work at the foundational stage even though before coming into the business you didn’t know much about payment. What should startup founders understand about traditional bank-

ing that can help them improve their fintech services? I think it makes sense to understand the reasons bank deliver services the way they do today because it would give you a strategic edge. When you understand that, it tends to put you at a better vantage point when it comes to offering value with whatever you are doing. Also on other side, understanding the pain of the costumers is very critical. Some of the early research that we did was to first of all understand the footprints of banks across Africa - where banks made most of their money, what the average cost to serve smaller costumers was for banks - and determining we could do a better job. Understanding the potential size of the financial market and the ability of banks to serve the needs of the market; and determining whether you could actually scale to meet those needs is important. Understanding regulation is also very important. I re-

a bank that believes in what we are trying to do or some other players in the ecosystem who will benefit from it. Then we go together to the regulator and ask for consent. Also, we provide some answers to downside. We show where this has been done before without negative consequences and what was the downside protection in case things go wrong. That way the regulator understands that the potential risks were mitigated. When we tried to get an exemption for payments without OTP, we went with our client and a bank. The business model of this client wouldn’t have worked if potential costumers had to wait for OTP before consummating transactions. We knew the regulation was two factor and there was no going around it so instead we explained to the regulator we were willing to pay insurance and will refund any costumer who experiences any act of fraud. The regulator gave us the exemption immediately and allowed us to proceed

member reading the PSS2020 many times and the CBN regulations on payment. I read every guideline. Those are the things I think are important for any fintech entrepreneur to understand.

with our preparations. These days, because we are coming out with innovations very often, we’ve worked very closely with the regulator to create a financial services innovators council to advise the regulator on new innovative approaches to some things. We regularly engage the Central Bank on a variety of issues and pick some quick wins some of which include the sandbox policy that would be released soon as well as new regulation to allow certain classes of lower licensing categories. We plan to continue to engage the regulator with new ways that regulation can support the industry to be more innovative.

Financial services are highly regulated, and as a startup it’s often hard to find the time to look up every relevant regulation and ensure you comply. What have you found to be the best ways to interact with regulators? Two things. One, you have to understand where the regulator is coming. A lot of startups' attitude towards regulation is that they are just being difficult. But when you understand that regulation is in the public interest, you take a different approach. When you go to the regulator it should be with suggestions about ‘what else,’ like if we can’t do this what else can we do. The second step is we found a lot of success with engaging the regulator with trusted banking partners. We let the regulator know that we are not alone in this or coming as an innovator trying to disrupt things. We bring in 16 /E-PAYMENT REVIEW/ MARCH 2018

Can Fintech exist as a standalone industry? What do you think its future would look like five years from now? I said earlier that payment is the most meaningful interaction in the business we have with customers. At the point of payment, you’ll know whether you failed or passed the exam by how satisfied the customer is with your service. Fintech is not just

about payment; it is about how we leverage financial technology to improve processes as organizations transform from analog to digital. In the next five years my sense is that fintech will be invisible, you won’t see it but it will just be something everybody does. If I want to buy insurance I don’t need to know who the payment provider is it just happens. So I think that’s really where we are heading. What are some hurdles in the fintech industry that you’re experiencing? And what do you suggest to help the industry surmount them? I think most of them revolve around collaboration. We find that with certain challenges, the only way to fix them is to bound together. For example, the purpose of infrastructure is to lower the cost of service however there’s no way of doing that if everybody builds their own. That way we are actually increasing the cost of service because the costumers are not paying for service but are actually paying for infrastructure. It may have worked for us when we are buying generators for our houses or building our own borehole. There are especially sensitive elements of financial infrastructure where it doesn’t make sense for everybody to build their own. A common example is fraud. Fraudsters jump from one platform to another exploiting vulnerabilities on each platform but if the industry comes together and decide to give them hell across all platforms, ultimately we will be able to stop the scourge for everybody and not just for our bank or your platform. There’s also the issue of appropriate talent for the business that we are doing. You know fintech and IT are two different things. so there’s often a lot of challenges supporting banks to build an IT department that can deal with risks proficiently. One of the things the industry has to start thinking about is grooming a new generation of professionals who can identify and quickly implement opportunities in the fintech space. That way players will be adequately resourced for this new era. On some level also I’ll say there are challenges around Pan-African and global cooperation especially from the point of view of the barriers that are put in our way especially as an African business when you make clear that your ambition is to go global. One of the challenges that African banks are facing is that they are being dis-intermediated in the global financial circle. The big international banks are pulling the rug from under their feet and stopping them from being able to participate as equals in a global economy. I think that the solution to that problem is also collaboration. There is no reason why we should have more money in US banks reserves than we do in the Central Bank dollar reserve. Why can’t we have our own banks in the US keeping our money? That’s how China and India are doing it. Doing that will come from collaboration. We need to decide that we want to go to the world as a unit and an African bank will have a seat at the table. If we don’t think that way, it will continue to be the [foreign] banks that will have the conversations on our behalf and you know how that goes. What do you think is responsible for the disintermediation of African banks? A lot of it is ignorance. We did have a reputation and there’s no point denying that, however the effort that the government and the banking system have taken to fix the issues haven’t been recognized globally. For example, we do business in a lot of countries and there’s nothing like BVN, which gives you the opportunity to trace identi-

fied beneficial ownership on any account. It offers the first clue in financial crime investigation and it has made our lives easier by giving us the ability to better support law enforcement. But I think the gospel of that innovation still has to be spread to the rest of the world. Also, we need to understand the nature of global economic interests. We take inflows of about $135 billion as a continental economy; so if we band together to insist that those bringing in money into Africa must use our banks that would change the conversation because that money needs to find where to go and reasonable people on both sides will fashion out a way back to the table. That’s why I admire the ambitions of banks like GTBank, Zenith and Access Bank that are saying they want to build an African gateway to the rest of the world. I think it will be a better effort if they work together and leverage our strengths in different areas to be able to accomplish this more effectively. Tech is a hot space right now and you operate a company whose services are within the epicenter of banking and payment. How do you find the people who have the combination of skills you require and how do you retain them at a time where there are many opportunities for the people who you would want to hire? Our approach is to find talents that are willing to prove themselves in a new industry and we dedicate even more resources to growing them. We look for people who have a hunger for growth; who want to punch above their weight and who need resources to figure things out themselves. We look for people who have the mindset of shared prosperity and who apply creativity to solving problems. We are in a very heavily regulated industry but it doesn’t mean we can’t innovative. Sometimes it means that the path to innovation isn’t a straight line; it’s a little bit of a curved path but people who have the ability to apply creativity to finding that path and have the discipline to stay the course even when others give up in the middle are the kind of people that we like to hire. We appreciate people who have a passion for our vision and mission to connect Africa to the global economy. We don’t want the digital economy to pass us by. Our vision is to help any African businesses go global and so when we see the people who have a passion for that vision we always like to find a place for them within Flutterwave. We do like to retain but it’s not our core focus. The idea is not to trap people in Flutterwave forever. I don’t think we are going to be giving out too many long service awards. We actually want you to come here, contribute your quota, build something that lasts and at the right time, either move on to build your own company or move on to support a partner.

Oftentimes we interact with future entrepreneurs who have great ideas, but investors generally don’t invest in ideas they invest in a business. That means you must do some research and develop the business.

17 /E-PAYMENT REVIEW/ MARCH 2018

Connecting Africa to the world also means dealing with customers that are digitally excluded. Africa is one of the regions with the highest rates of financial exclusion in the world. According to the World Bank, approximately half of the African population does not have access to any type of formal financial services. How can fintech startups, and Flutterwave, in particular, help improve financial inclusion? That’s an area we’ve taken very seriously. The core problem with financial inclusion is that you have a customer segment that because of the lack of infrastructure is too expensive for other institutions to serve. It’s not because banks are wicked and don’t want to give services to poor people but the cost today of serving that customer is quite high and doing it the traditional way means losing money. But we know the technology that can lower that cost and can deploy it in a way that the traditional banks cannot. Ours is a digital first strategy. In terms of our own effort one of the channels that we found to be most promising in this respect is USSD and we’ve heavily invested in it. We’ve supported a number of banks to disburse loans to salaried workers in remote parts of the country using USSD. We are the first payments technology company to support financial institutions with a USSD menu that they can deploy instantly. The current state of the industry is that if you want them to change anything on the USSD menu you’ll have to be on queue for about three months and that’s not how you serve financially excluded customers. Where we are facing a lot of challenges in this journey is on the subject of identity. BVN works well for banked costumers but finding the appropriate identity platform for unbanked costumers has been a challenge. We’re looking to make progress on that front. What innovation are you seeing locally and globally that you think is really effective? I’m seeing a lot but I think the areas that have really caught my attention beyond the usual stuff is around leveraging data in performing basic financial services. This is almost like a personalization of your experience as a financial services customer. Some banks are really leading the way locally in that aspect like GTBank but I’ve seen some more foundational elements around even the databases that we use. I’ve also become more interested in blockchain for practical applications that are actually well-suited for this environment. I tried putting in a little bit of money in these things just to understand what’s happening and how one can play and what it means for us in the long term. Finally, what industry or technology would you be most interested in learning more about if you had the time? Personally I would love to learn a lot more about manufacturing. I’m actually learning about the manufacturing of women’s hair extensions. It’s very intriguing how big an industry it is. One of the things that we haven’t really gotten right here is manufacturing, a lot of people believe that the boat has left us and that we will never be able to be a manufacturing economy but I think there are elements of assembling that we can do to serve the market better. Another area of interest is real estate but my interest in it is the relationship between real estate and transport. New transport corridors and hubs are emerging and I want to know what that means for real estate, what it means for the kind of supply that is on the market.

Cover

Inside the Current Cryptocurrency Landscape

HACKER NOON

BY BROWN N. UGBAJA

THE STORY OF CRYPTOCURRENCIES HAS LOTS of moving parts. The complexity is not just manifested in their financial intersectionality or their binary options but more in the fact that news of events around this virtual digital coins are usually coloured by quantifiers that are catholic: a good load of confusion, carefully measured wariness, willful ignorance and that plain old ravenousness that drives people to worship money like a god. All this coalesce into the fast paced combination of ideologies and covenants and faithlessness and realizations surrounding a currency, which has taken a form that is not palpable and is driven by an unending chain of ones and zeroes. Today cryptocurrencies have become a phenomenon that capture the imagination of a global audience. While still markedly geeky, the overwhelming majority of people – bankers, regulators, policymakers, and investors – have a very limited knowledge about virtual currencies. That is why in the past two years, you will be hard pressed to find a major bank, a big tech company, a prominent financial institution or a government regulator that did not institute some kind of research into cryptocurrencies or blockchain or some aspects of their cybernetic elements. But what are cryptocurrencies, really? Are they computer systems? Algorithms? Money? What? To understand how they have maintained their headline power while holding the world in a bind, we need to look at the moving parts. It all begins with bitcoin. In itself, bitcoin is an open-source, peer-to-peer, digital decentralized cryptocurrency created by a developer whose identity remains a mystery but whose goal was to build a system that

4 trillion

The circulating supply of Sprouts, the largest on the cryptocurrency market. Sprouts market cap of $3.4 million is equivalent to 401 bitcoins.

$340 billion

Total market capitalisation of the combined 1564 cryptocurrencies in circulation, according to Coin Market Cap. The figure was $707 billion in January.

42.6%

Bitcoin's dominance of the entire cryptocurrency market despite its continuing plunge.

18 /E-PAYMENT REVIEW/ MARCH 2018

would allow online payments to be sent directly from one party to another without having to rely on third parties like such as a central bank or a ministry of finance. There are no physical bitcoins, only balances kept on a public ledger in the cloud, that – along with all bitcoin transactions – is verified by a massive amount of computing power. Powered by blockchain technology, bitcoins are not issued or backed by banks or governments, nor are individual bitcoins valuable as a commodity. But despite not being legal tender, bitcoin managed to chart high in popularity, and has triggered the launch of other virtual currencies collectively referred to as Altcoins. There is a good reason behind its success: as people learned about bitcoin, its value, in dollar terms, skyrocketed. In July 2010, Slashdot, a website that billed itself as "News for Nerds” ran a story that introduced the currency to the public and the value of bitcoins jumped tenfold in five days. Over the next eight months, the value rose tenfold again. This attracted an enormous amount of publicity and made people to think that buying and holding bitcoins was an easy way to make money. This caused the rise in the momentum of bitcoin until it breached the $20, 000 in December 2017. But since then it has been reeling, fallen in price by more than $10,000 at the beginning of January. But its losses have not deterred investments or increase in the number of computing power now mining the currency especially as analysts continue to hold out hope that the cryptocurrency’s value will recover and could even go way beyond the highs of late 2017. While bitcoin is the key player in the cryptocur-

JAMES M BROWN / GESELLBERG.COM

rency marketplace, the whole ecosystem is much greater than this one coin. What spurred the rise of other virtual currencies is that Satoshi Nakamoto, the famed but unknown inventor of bitcoin developed the Bitcoin network to be something akin to a peer-to-peer network for file sharing. Independent individuals and companies, known as "miners,” own the governing computing power and participate in the network for rewards (new bitcoin) and transaction fees paid in bitcoin. These miners can be thought of as the decentralized authority enforcing the credibility of the network. Individuals among them who have deep understanding of the way it works, were able to take advantage of its open source nature and the blockchain technology to recreate their own cryptocurrencies. Besides, before Satoshi there had been many attempts to create digital money, but they all failed. What Satoshi did differently compared to other efforts was that he built the blockchain system that prevented double spending. Instead of using a trusted central entity to verify transactions, bitcoin does it through a decentralized authority. For cash to work, you need a payment network with accounts, balances, and transaction. But one challenge is to prevent double spending; ensuring that a person does not spend the same money twice. That is why when you authorize a card transaction, your bank debits you and sends a notification that the money has been paid and informs you of your balance. This is done through a central server that keeps record about the balances. By creating a decentralized network, Satoshi absolutely removed the need for a central server while keeping the payment system. He made every single entity on the network to chip in to do the job. What it means is that every peer gets a list with all transactions to check the legitimacy of future transactions or an attempt to double spend. What this means in clear terms is that when you make payment in bitcoin, it sets in motion a process of escalating, high-intensive complexity. Each payment is basically an electronic message, which contains the complete pedigree of your bitcoin, along with data about the receiver or processing fee. That message gets converted by encryption software into a long string of letters and numbers, which is then broadcast to every miner on the bitcoin network (there are tens of thousands of them, all over the world). Each miner then gathers your encrypted payment message, along with any other payment messages on the network at the time (usually in batches of around 2,000), into what’s called a block. The miner then uses special software to authenticate each payment in the block—verifying, for example, that you owned the bitcoin you are sending, and that you have not already sent that same bitcoin to someone else. This is where actual bitcoin mining begins. Mining is simply the complex process in which computers solve a complicated mathematical puzzle to win a stack of virtual currency. In essence, each miner now tries to demonstrate to the rest of the network that his or her block of verified payments is the one true block, which will serve as the permanent record of those 2,000 or so transactions. Miners do this by, essentially, trying to be the first to guess their block’s numerical password. This is equivalent to trying to randomly guess someone’s computer password, except on a vastly larger scale. In the early days of bitcoin, the servers on the network then could make 12 billion “guesses” every second but today there are thousands of mining pools made up of millions of high-speed computer servers hashing away at the bitcoin blockchain and churning out calculations in trillions. As soon as a miner finds a solution and a majority of other miners confirm it, this winning block is

10 CRYPTOCURRENCIES FOLLOWING BITCOIN

ETHEREUM

This a Turing-complete “programmable blockchain” that allows developers to build all sorts of distributed apps on top of Bitcoin. The platform has enabled many companies to raise tens (or even hundreds) of millions of dollars in funding for their own Ethereum-based projects. This has further increased Ethereum’s value, reaching around half of Bitcoin’s market cap this year.

RIPPLE

Ripple is a payment network that enables secure, instant and nearly free global financial transactions of any size with no chargebacks. It is unlike most cryptocurrencies in that it doesn’t use a blockchain to establish consensus for transactions. Instead, it uses an iterative consensus process that makes it faster than the Bitcoin network, but may also leave it more exposed to attacks.

BITCOIN CASH

Just weeks after it was launched, Bitcoin Cash surged to top five in terms of market cap. That's because it is actually a fork of Bitcoin, supported by the biggest Bitcoin mining company - Bitmain. A fork happens when a group of developers decide they don’t like the direction of the current software roadmap and then take the existing code and add their own improvements to it. This creates a separate version of the previous software with its own roadmap.

CARDANO

This is a new cryptocurrency that comes with some interesting new innovations. It was built by a team of technology-focused developers and academics from multiple universities. One of these innovations is that the code was written in Haskell, a more memory-safe programming language, which should minimize the existence of bugs on the Cardano network.

LITECOIN

This was one of the very first “altcoins” to be created with the goal of being the “digital silver” to Bitcoin’s old. Litecoin was also a fork of Bitcoin but it could generate blocks four times faster and have four times the maximum number of coins (84 million). It also uses a different mining algorithm, called scrypt,, which means people only need GPUs to mine it. 19 /E-PAYMENT REVIEW/ MARCH 2018

accepted by the network as the “official” block for those particular transactions. The official block is then added to previous blocks, creating an ever-lengthening chain of blocks, which is what is meant by the “blockchain,” that serves as a master ledger for all bitcoin transactions. And, importantly, the winning miner is rewarded with brand-new bitcoins and processing fees. The network then moves on to the next batch of payments and the process repeats - and, in theory, will keep repeating, once every 10 minutes or so, until miners mine all 21 million of the bitcoins Satoshi programmed into the network. But why is blockchain important and why did Satoshi peg the number of bitcoins that will ever be mined at 21 million? What was the need for this tortuous journey to obtain the currency? Quite simply, blockchain is the computing-intensive and cryptographically secured protocol that is the underlying technology of bitcoin. In the nine-page whitepaper he published announcing the birth of bitcoin, Satoshi raised concerns about what could happen if the peers of the network disagree about only one single, minor balance. Such a disagreement could cause whole system to disintegrate. So he ensured that for it to work and be sustained, the peers must have absolute consensus. Since declaring the correct state of balances is the responsibility of a central authority, to maintain consensus in this case requires the usefulness of blockchain. Satoshi made it nifty enough and open source enough to allow two people (or machines) to do transactions (sometimes anonymously) even if they don’t trust each other or the network between them. His major innovation was the achievement of consensus without a central authority. The main use of blockchain technology is to keep a growing electronic ledger of every single bitcoin transaction ever made. That is why many now see it as the record-keeping mechanism of the future. This later feeling is because with blockchain, records of all activities are, for lack of a better expression, set in stone. When a cryptocurrency transaction occurs, it is known almost immediately by the whole network. But it must be locked in by means of confirmation. As long as a transaction is unconfirmed, it is pending and can be forged. When a transaction is confirmed, it cannot be reversed, it is part of an immutable record of historical transactions: of the blockchain. But then, only miners can confirm transactions. Their job in a cryptocurrency network is to take transactions, stamp them as legit and spread them in the network. After a transaction is confirmed by a miner, every node (any computer that connects to the bitcoin network is called a node) has to add it to its database, that way it becomes part of the blockchain. For this, miners get rewarded with a token of the cryptocurrency. Principally everybody can be a miner. But since a decentralized network has no authority to delegate this task, a cryptocurrency needs some kind of mechanism to prevent any miner from abusing the process. Imagine someone creates thousands of peers and spreads forged transactions, the system would collapse on itself. So, Satoshi set the rule that the miners need to invest some work of their computers to qualify for this task. In fact, they have to find a hash – a product of a cryptographic function – that connects the new block with its predecessor. This is called the Proof-of-Work. In bitcoin, it is based on the SHA 256 Hash algorithm, which forms the basis of a cryptologic puzzle the miners compete to solve. After finding a solution, a miner can build a block and add it to the blockchain. As an incentive, he has the right to add a so-called coinbase transaction that gives him a specific number of cryptocurrencies. This is the only

STEEMIT / SHUTTERSTOCK / OBSERVALGERIE

Cover way to create valid coins. Although virtual currencies are created, bought and sold more today than ever before, with their increasing use, they are becoming less experimental every day. The reasons for that are complex. For one, the rush for cryptocurrency has made it a zero-sum game. Mostly due to their revolutionary properties cryptocurrencies have become a success that no one, not even Satoshi himself, assumed will be possible. With the wild ride of bitcoin, cryptocurrencies have provoked enthusiasm and fascination. But much like with every success, there are usually lots of struggles that are never commonly apparent. These struggles are in the form of the ballooning numbers of virtual coins, regulatory strictures against cryptocurrency investments, the volatility of mining, the future of the currencies themselves, the fact that cryptocurrency mining takes an astonishing amount of electricity, thefts/scams and Satoshi Nakamoto himself. Even if you are only just coming to grips with this whole cryptocurrency phenomenon, or have been trading them since the days where they were worth just a few dollars each, there is that nagging feeling about the true nature of cryptocurrencies. Are they real currencies? Are they real money? In a socio-economic context, money is any item or verifiable record that is generally accepted as payment for goods and services and repayment of debts in a particular country or countries. It facilitates easy and frictionless transactions between people and have a stable value that does not fluctuate otherwise it would be impossible to set prices. Government-issued currencies have value because they represent human trust and cooperation. There is no wealth and no trade without these two things. Cryptocurrencies, however have none of these qualities. Critics insist that cryptocurrencies will never work as mainstream currencies because they are slow and far too volatile and, of value only to speculators and criminals. Their real function, they say, is as a “store of value”-that is, investment assets, like gold or company shares - except that, unlike these traditional assets, virtual currencies have no real underlying economic value. Granted that these currencies are said to have been used for payment, their use as a means of speculation and a store of value dwarfs the payment aspects. The counterargument is that cryptocurrencies are secure from political influence, and are private and anonymous enough to serve as a means of payment for black markets and any other outlawed economic activity. To better understand this line of reason, one needs to know that a financial libertarian streak propelled the will for the invention of bitcoin in the first place. Satoshi’s whitepaper has some in-built ideology: the assumption that giving national governments the ability to monitor flows of money in the financial system and use it as a form of law enforcement is wrong. You will hear echoes of that sentiment in all the pro-crypto blogs and the views of anarchists. The downside to the liberal argument is that nothing in the world of cryptocurrencies is guaranteed. Take their volatility for instance, true believers in the usefulness of virtual currencies prefer to deny that speculation is driving the action in bitcoins. But the evidence suggests otherwise. The value of the currency has seen tremendous wild swings in price over its short existence. Bitcoin increased from essentially nothing eight years ago to $1, 200 by April 2017, to a high of almost $20,000 in December and settling at $9,000 - its value at the time this article was written. The value tumbled by almost 50 percent in a matter of days in January. In 2013, the price of bitcoin fell by 61% in a single day. This dormant volatility is because

NEO

Previously called Antshares, Neo is often called the “Chinese Ethereum” because it has many of the same goals as Ethereum and was developed in China. It is a smart platform that enables all sorts of financial contracts and even third-party distributed applications to be developed on top of it, and allows developers to use any coding language they like.

STELLAR LUMENS

The developers of the Stellar network want it to become the de facto cryptocurrency system used by banks and other financial institutions. The “lumens” are the currency units that exist on the network and are being positioned to be used as a “bridge” between different cryptocurrencies.

MONERO

This is one of the cryptocurrencies with the most active communities because of its open and privacy-focused ideals. Recently, Europol bust up some cryptocurrencies and Monero what the only one whose transactions couldn’t be traced. Monero’s privacy is guaranteed by a ring signature algorithm, which makes transactions invisible and untraceable.

EOS

On EOS, users can create account names with different permission levels., instead of long addresses, They can also roll back changes to fix serious bugs if a supermajority of users agree to it. EOS uses a system that allows users to delegate voting rights t in order to decrease transaction verification times and make the network run more efficiently.

IOTA

This currency targets the Internet of Things and doesn’t use a blockchain in order to reduce the computational needs of the network and eliminate transaction fees. It uses a ledger called Tangle. Senders in a transaction are required to do a proof of work that approves two transactions. This removes dedicated miners who are needed to verify transactions on most other cryptocurrencies. 20 /E-PAYMENT REVIEW/ MARCH 2018

the underlying assets of cryptocurrencies (the way bitcoin is set up) create their volatile market conditions. One, subject to high volume buying and selling on exchanges, it has a high sensitivity to news. Two, the difficulty of actually acquiring bitcoins is responsible for propping up their value, and partially responsible for the decline in the value of Altcoins. Bitcoin and Altcoins have an inverse relationship in their value, i.e. when the value of bitcoin rises then Altcoins are losing their bitcoin value, and vice versa. Two, because the supply of bitcoins is permanently limited, it gives people an incentive to hoard their bitcoins rather than spend them, which is the opposite of what you need people to do in order to make a currency successful. That is why the bitcoin economy is dominated by speculators; people who purchase it for its investment value rather than as a medium of exchange. Besides, the speculators are not having much fun. Not all of them make gains from trading, since this is a zero-sum game, for everyone who benefits someone else loses on the other side. But their lack of guaranteed value and digital nature means the purchase and use of cryptocurrencies carries several inherent risks. Chief among these risks is security. One of the transactional properties of these currencies is that they are secure but over the years, these coins have been plagued by scams, and abusive practices. Cryptocurrency exchanges are entirely digital and, as with any virtual system, are at risk from hackers, malware and operational glitches. Hackers have successfully targeted these exchanges and gained access to thousands of accounts and digital wallets where cryptocurrencies are stored. One especially notorious hacking incident took place in 2014, when Mt. Gox, a Bitcoin exchange in Japan, was forced to close down after millions of dollars worth of bitcoins were stolen. And there are other incidents. In January 2015, the popular bitcoin exchange Bitstamp reported that it lost around 19,000 bitcoins, then worth about $5 million. Bitcoin exchange Bitfinex announced in August 2016, that hackers had stolen $77 million worth of bitcoins. The company foisted these costs on to users, forcing them to take a 36-percent reduction in the value of their deposits. Japanese cryptocurrency exchange Coincheck confirmed in January that some 500 million units of a cryptocurrency known as Nem worth $524 million was stolen. What is more. Initial Coin Offerings (ICOs), which allow companies to sell services in exchange for digital tokens, have worried regulators for a while now, with the Securities and Exchange Commission Chairman Jay Clayton warning investors in December that the space has “substantially less investor protection than in our securities market.” Entrepreneurs see ICOs as an easy way to fundraise, especially for ideas that may be passed over by venture capitalists. But that has also led to ICOs of firms with little more than a white paper. According to a report from consultancy firm Ernst and Young earlier in the year, roughly 10 percent of funds raised through ICOs, between 2015 and 2017 have been lost or stolen via hacks. In dollar terms, that about $400 million worth of funds stolen from $3.7 billion raised in the more than 372 such offerings from around the world. “Hackers are attracted by the rush, absence of a centralized authority, blockchain transaction irreversibility, and information chaos,” the Ernst and Young report said. “Project founders focus on attracting investors and security is often not prioritized. Hackers successfully take advantage— the more hyped and large-scale the ICO, the more attractive it is for attacks.” What this indicates is that those qualities of blockchain that make it valuable are also its underbelly.

Most mining is done in China, iceland, the US, Russia and around the world using all sorts of methods to generate bitcoin and other crypto currencies. This operation is at the biggest bitcoin mining farm in Russia. Rows and rows of ASIC machines dedicated to bitcoin mining and nothing else. Tyler and Cameron Winklevoss parlayed the millions they earned after settling their Facebook lawsuit into cryptocurrencies and became the first billionaires from the recent bitcoin surge. They claim to own approximately 1% of all bitcoin in circulation .

Take transaction irreversibility. Any transaction carried out with a cryptocurrency can only be reversed if the person who has received them refunds them. Not you, not your bank, not your miner. Nobody. If you send money, you send it. Period. No one can help you, if you sent your funds to a scammer or if a hacker stole them from your computer. There is no third party or a payment processor, as in the case of a debit or credit card – hence, no source of protection or appeal if there is a problem. That is because neither transactions nor accounts are connected to real-world identities. You receive currencies on so-called addresses, which are randomly seeming chains of around 30 characters. While it is usually possible to analyze the transaction flow, it is not necessarily possible to connect the real world identity of users with those addresses. Worst of all, and this is the one that wants to make the head of regulators to explode, you do not need permission from anybody to mine your cryptocurrency. They are just software that everybody can download for free. After you installed, you can receive and send bitcoins or other cryptocurrencies. No one can prevent you as there is no gatekeeper. This is something analogous to building your own mint and printing naira notes and injecting them into the Nigerian monetary system. The world’s governments are not going to let everyone start printing their own money or trading it anonymously and evading taxes using cryptocurrencies. That explains why they are taking action. The Central Bank of Nigeria (CBN), for instance, warned last year that investing in virtual currencies is a “risk that cannot be supported” by the bank. It banned Nigerian banks from using, holding or transacting in virtual currencies. Even the Nigerian Deposit Insurance Corporation (NDIC), the country’s financial sector insurer, weighed in on the matter, warning Nigerians on the risk of

investing in exchanges and cryptocurrency accounts are not that have no insurance instrument. Despite all the buzz about bitcoin, there is tangible global concern about cryptocurrencies and the havoc they can wreck on the world’s monetary system. Criticisms have come from diverse places including from the world’s most successful investors. In January, Warren Buffett vowed he would never invest in bitcoin or other cryptocurrencies, and predicted the popular assets are in for a fall. “I can say almost with certainty that cryptocurrencies will come to a bad end,” Buffett told CNBC in an interview. One month later, Bill Gates, philanthropist and former chief executive of Microsoft, expressed his concerns about the cryptocurrency craze, saying that the anonymity offered by the new technology has “caused deaths” and also suggested that investing in the sector is a bad idea. “The main feature of cryptocurrencies is their anonymity,” Gates wrote during a Reddit AMA in a response to what he thinks of virtual coins. “I don’t think this is a good thing. The government’s ability to find money laundering and tax evasion and terrorist funding is a good thing. Right now cryptocurrencies are used for buying fentanyl and other drugs so it is a rare technology that has caused deaths in a fairly direct way. I think the speculative wave around ICOs and cryptocurrencies is super risky for those who go long.” Yet, despite the critique from two of the world’s most successful investors, more companies are piling into cryptocurrencies, raising the number of existing coins so far to more than 1,500. One reason for the rise in the volume of cryptocurrencies is that the number of bitcoins that can be mined is reducing. Another is the inverse relationship between bitcoin and other virtual currencies. Bitcoin currently has a market capitalization (number of coins multiplied by value of each coin) of over $238 billion, or roughly 45% of the value 21 /E-PAYMENT REVIEW/ MARCH 2018

of the whole cryptocurrency market. But why is bitcoin currently worth more than all other cryptocurrencies combined? Simply put, Bitcoin has “first boy” syndrome. Meaning that because its inception happened before any other major cryptocurrency, its market cap and share is larger than the rest. It was designed to be used as both an investment and as well as a currency. Not only that. Satoshi engineered a kind of obstinacy into bitcoin to make life harder for miners as time goes by. He programmed the network to periodically (every 210,000 blocks, or once every four years or so) halve the number of bitcoins rewarded for each mined block. The first drop, from 50 coins to 25, came on November 28, 2012, which the faithful call “Halving Day.” It has since halved again, to 12.5, and is expected to drop to 6.25 in June 2020. There is more. He built the system to make the blocks themselves more difficult to mine as more computer power flows into the network. That is, as more miners join, or as existing miners buy more servers, or as the servers themselves get faster, the bitcoin network automatically adjusts the solution criteria so that finding those passwords requires proportionately more random guesses, and thus more computing power. These adjustments occur every 10 to 14 days, and are programmed to ensure that bitcoin blocks are mined no faster than one roughly every 10 minutes. The rationale is that by forcing miners to commit more computing power, Satoshi was making miners more invested in the long-term survival of the network. What he achieved with these quirky engineering is to saddle bitcoin with a constant shifting scalability. When bitcoin was first introduced in 2009, mining it needed little more than a home PC. By the time he mined the genesis block, first bitcoin, back in 2009, Satoshi was rewarded with 50 of them. This past January, miners extracted the 16,800,000th bitcoin, which is significant, because it means there are only 20 percent of all the bitcoin there will ever be to go. As bitcoin’s soaring price has drawn in thousands of new players worldwide, the strange math at the heart of this cryptocurrency has grown steadily more complicated. Generating a single bitcoin takes a lot more servers than it used to - and a lot more electricity. Commercial miners are building mining sites and stacking them with tens of thousands of servers that require electrical loads that are enough to power a small city. In the arms race that cryptocurrency mining has become, even these operations will soon be considered small-scale. What this means is that extracting the remaining bitcoin will require more investments with a possibility that the rewards will be reduced. Although it is hard to make any concrete estimates on the eventual date of the last bitcoin being mined due to the unpredictable nature of mining hardware development, some approximations put it as far in the future as the year 2140. Since everyone alive today may not all live to witness that date, people will make do with what can be gained for now – and it is blockchain. The monetized code that underlies the blockchain concept is being written to carry any sort of information securely. In the near future, supporters say, banks, large corporations, institutions and even governments will use blockchain to administer virtually any kind of transaction, contractual arrangement or other data-driven relationship humans handle with their proliferating machines. That will be value in a new landscape.

Cover

Nexus of cryptocurrency and fintech in Africa BY RICHARD IGIRI

WHAT IS CRYPTOCURRENCY? IS IT JUST AS A market asset for trading and investing, or is it an emergent generation of technology and a nascent epoch of human history and society? In the early man’s society, commerce was by barter. Thus currency in society evolved in the trail of barter, cowry shells, copper coins, fiat money and electronic cards. Each epoch of course, gulped generations of human history until its expiration. The incoming epoch advances tech and society one notch into abstraction: Cryptocurrency! Cryptocurrency as has been explained simply is a software protocol similar to that which powers email or the Internet itself. They really do not come in “coins” but simply as strings of code that store value and can be held or exchanged among peers. This phenomenon is really not totally new. An example of Cryptocurrency that is familiar in daily use is the “credit” we load onto our phones on a daily bases, which have the value of connecting us to our friends and family. The “credit” we buy is simply a string of numbers, but has the intrinsic value of latent connectivity with our business partners and loved ones. A string of numbers you say? But there is money hard-coded into it such that one would usually send it to another, and that one on the other end can actually take that uglylooking code exchanging it on the market for its code-specified financial value. This one invention that caught the world napping proves that there are still great inventions to be made. As long as challenges crop up during evolution of society into more cultural complexity, there are inventions “out there” to combat those challenges of the human existence brought about by change and growth. The invention of bitcoin proves that there is no

limit to the potentials latent in the human person. It proves that the Wisdom of God lies resident in the human cranium! Consider how advanced the “Developed World” already is, yet the need for new inventions continue to be a social and an existential imperative. Herein lies the nexus of invention of bitcoin, and the revolution of technology in Africa: If the Developed World continues to invent, sophisticated as it already is, how much more pertinent that Africa must come up with inventions to humanize life on the continent, thus staving off dehumanization of the African person and his environment through the Three Great Evils of the African history – namely Slavery, Colonialism and Neo-colonialism. The existential negativism of these Great Evils as etched into her history and calcified in the character of Africa, continue to hold-up Africa in its cultural capture, as well as in its genocidal socio-political torture. I dare to opine that there are inventions “out there” that will liberate Africa from these lingering contradictions and conflicts as calcified in the African environment and character owed from Slavery, Colonialism and Neo-colonialism. These inventions will come from Africans, living in Africa. The God- Wisdom to solve the contradictions of the African existence, as well as resolve conflicts of the African experience, lies resident in the African cranium! My hunch is that these inventions exist “out there” for the salvation of Africa. They will be another genre of technology, which must come from the African, within the proverbial “Concave Universe” in Africa, and never from the “Convex Universe” from without Africa. As explained, the code supporting the existence

of bitcoin specifies that only 21 million coins can ever exist. A situation in which 21 million coins are to serve the transaction needs of 7 billion people on the planet, suggests that the value of this asset will continue to grow almost without limits. Thus it has been projected that the value of one bitcoin will someday be equal to a million dollars. Fiat currencies as issued by the traditional financial establishment lose value over time. By their very nature they determine the inflationary systems of the world. But bitcoin is a well-thought-out financial system for a new economic structure of the world. While fiat currency can be issued almost arbitrarily, furnishing inflationary trends in the economy, bitcoin is the opposite fixed at only 21 million coins that can ever exist – thus generating deflationary values in society. Appraising bitcoin as a market asset that is deflationary in nature, there is value to be earned in simply buying and holding. Is it any wonder that bitcoin has been variously designated “digital gold” – meaning a store of value in digital form?

COIN OF THE FUTURE

HOW VIRTUAL CURRENCIES COULD KILL OFF CASH

AFKINSIDER

National governments are also looking into creating virtual currencies of their own. VIRTUAL CURRENCIES HAVE BEEN part of the world’s monetary system since 2009, when Bitcoin became the first of what is now a handful of these so-called cryptocurrencies. Digital currency transactions take place in online exchanges, lending an anonymity that has led to shadowy associations with drug trading and

money laundering. But that anonymity, and the convenience with which the transactions can be made, have also fueled the popularity of cryptocurrencies. More than 6 million people now own virtual currency — including many investors looking to trade the currencies to join the ranks of “Bitcoin billionaires.” As popular as they have become, virtual currencies may soon play an even bigger role in our financial lives. In part over fears that existing cryotocurrencies (which operate independently of governments) will make it harder to detect tax evasion, Sweden, Canada, China and other nations have announced plans to launch their own official virtual currencies. In the case of Sweden, that could come as soon as 2020. Though recent research suggests there's not yet a shift away from cash, experts say a mix of independent and

national cybercurrencies could eventually displace the coins and paper notes that people have been using for thousands of years. Embracing Bitcoin If the transition from conventional to digital currencies plays out the way experts predict, it would likely take at least a decade. But many retailers are already jumping on the Bitcoin bandwagon. Microsoft and Expedia now accept virtual currency, and a recent survey of 100 U.S. merchants found that 60 percent would accept Bitcoin as payment. In addition to corporations, whole industries are starting to embrace digital currency. Real estate is among the first. In several states, including Arizona, Vermont, and Florida, laws have been amended to permit blockchain — the encrypted digital ledger on which cryptocurrency transactions

22 /E-PAYMENT REVIEW/ MARCH 2018

are recorded — to be used for recording and transferring property deeds. Why is real estate adopting cryptocurrency? Put it down to convenience. In traditional real estate transactions, a buyer and seller must engage a title insurance company to transfer the deed and guarantee ownership rights to the buyer. This process can take days or even weeks. But when Bitcoin enters the picture, transactions happen instantaneously. The virtual money is simply transferred from one digital “wallet” to another. The blockchain computers note the transaction and update the public log with the purchase — and release the deed. “It’s very simple and easy,” Natalia Karayaneva, CEO of the San Francisco-based realty company Propy, says of cryptocurrency transactions. “You just log in, pay, sign the documents electronically, and then

OOO In my experience, to buy and hold (possibly with a target-price in mind for cash-out) is simply the best way to trade cryptocurrencies – be it the prime cryptocurrency, or the altcoins. It is simply an approach that I prefer based on my own personal trading psychology. Most people who say they lost money trading cryptocurrencies, especially bitcoin, had not the vision of the true potentials of that market asset. So each time a decline occurred on the asset, they quickly panicked conjecturing that a “crash” was imminent. They hurriedly shed their digital gold into the waiting wallets of richer and wiser investors, who swept them up eagerly, only to make huge profits when the asset completed correctional cycles. Then again considering Cryptocurrency as a market asset for trading and investing, the issue of security initially pops up in mind. Many a would-be investor or trader fascinated with cryptocurrency nurses the initial “technophobia” of loss of funds due to the activities of hacking networks. Once in a while the media comes awash with spooky tales of wallets and exchanges alike, being massively hacked, and all funds

you get a title deed with a blockchain address, as soon as the cryptocurrency is received. No hassle with banks.” The trend is also visible on the other side of the country. In New York City, several apartment buildings will begin accepting cryptocurrency for rent payments later this year. National Cryptocurrencies Concerned that large numbers of people may soon be making untraceable payments without the involvement of banks or other institutional intermediaries, national governments are looking into issuing virtual currencies that afford the convenience of Bitcoin, Ethereum, Ripple, and the like, while preserving their ability to keep tabs on large financial transactions. National cryptocurrencies might also help curb the wild fluctuations seen in the price of Bitcoin and other inde-

held neatly evacuated by hackers. This continues to be the reality of the Cryptocurrency trading arena, but let us be mindful of the fact that this technology and its culture are new; and it is the nature of reality that every new invention is usually wobbly at first, but in time begins to garner safety and security as more efforts are brought to bear upon its workings for containment of its initial failures. It will be no different with Cryptocurrency. Let us also be mindful of the possibility that most individual wallets or that of exchanges that got hacked, lacked enablement of all security features that were available even as at current levels of technological development in the industry. Blockchain. info for example, boasts multiple layers of security for each of its active millions of wallets, which must however be enabled by the user for security of funds to be achieved. The truth is that most hack-attacks on wallets are invited by the negligence of the wallet owners to adequately configure the security status of their wallets. The incidence of “mistaken” transfer of funds from one wallet to another is yet another huge scare of the Cryptocurrency culture. It usually owes to human negligence or simply the error thereof. The “address” one sends funds to in a Cryptocurrency transaction is usually only an ugly-looking alphanumeric string. I usually check and cross-check back and forth for a whole hour if necessary, until I can almost recite the first and last 4-6 characters, before a jittery click on “send”. To click “send” before a satisfactory validation of the recipient-address is recipe for a typical Cryptocurrency transaction nightmare. And once the money leaves its home wallet – it is gone! Unlike what obtains with traditional banking systems where funds can be recalled, no such luxurious technology exists in Cryptocurrency transactions – as yet. It is true there are efforts in that direction, no popular technology exists for now facilitating recall of funds sent “mistakenly”. Hence the need to be extra vigilant and diligent – even prayerful as I have become used to! – to avoid the misfortune of becoming the button-happy Cryptocurrency trader who sends funds “mistakenly” into the Cryptocurrency abyss! Richard Igiri is a cryptocurrency trader with a first class forex trading company iMarketsLive.

pendent cryptocurrencies. The price swings have made some currency speculators wealthy while impoverishing others — and have complicated financial life for everyone who uses cryptocurrencies. “There are no fundamentals we can use to pinpoint just how much Bitcoin is really worth,” says Kevin McIntyre, professor of economics at McDaniel College in Westminster, Maryland. “This makes it difficult to predict the future, and how much you stand to lose should the bubble burst.” If the U.S. were to issue a “cyberdollar,” its stability would presumably rival that of the conventional dollar. Greater stability would make it more attractive to many consumers and investors — though certain problems might remain. Cryptocurrency wallets are more vulnerable to hacking than conventional bank accounts, so security is one problem. Another has to do

with errant payments. With existing cryptocurrencies, a simple typographical error made while entering a blockchain address can direct a payment to someone else — with no clear-cut way to get the money back. “A lot of work will be needed to make the infrastructure secure,” says Rod Garratt, a professor of economics at the University of California, Santa Barbara. “Right now, if you follow cryptocurrencies, every other week there’s a big story about a hacking incident, which is scaring a lot of folks away, particularly the older demographics.” The Demand For Privacy Even if cyberdollars or other national cryptocurrencies are introduced, experts say Bitcoin is unlikely to go away anytime soon. That’s because virtual currencies issued by national governments would mean an end

23 /E-PAYMENT REVIEW/ MARCH 2018

AFRICA AS NEXT BIG MARKET FOR CRYPTOCURRENCY POLE POSITION

1st

Nigeria's place on cryptocurrency exchange Paxful. The United States is second while Ghana is third.

POPULARITY CONTEST

Number of cryptocurrency trading venues that opened in Africa within the past year alone in addition to peer-to-peer marketplaces.

HIGH PREMIUM

40%

Percentage that bitcoin traders in Africa paid in 2017 higher than its price elsewhere. Demand in Africa was so high that Zimbabwe-based Golix exchange sold one bitcoin at $34,000 in December 2017 instead of its price of $20, 000.

LOST TREASURE

$50 million

Amount that more than 27‚500 people lost in one of the biggest bitcoin scams to hit South Africa.

LONG TERM PROSPECTS

1 billion

Number of customers that Luno, a cryptocurrency exchange in South Africa plans to reach by 2025. It already has 1.5 million users.

to the anonymity that is part of the appeal of independent cryptocurrencies. “If I would go online and buy some things using cyberdollars, those firms will be able to identify who I am, what I’ve bought, and conduct target advertising based on my past shopping habits, just as they can right now with online dollar payments,” McIntyre says. “And there will still be people out there who view this as intrusive and a lack of privacy that they’re uncomfortable with. And in comparison, Bitcoin is almost perfectly private.” Ultimately, the future of currency may hinge on what we value more: the safety and stability of national currencies or the privacy afforded by Bitcoin and its cryptocurrency kin. This article was originally posted on nbcnews.

Interview

The Digital Detective In this interview on policing in the digital age, Commissioner of Police in charge of the Special Fraud Unit (PSFU) Ibrahim Lamorde shares how his department could make progress on the challenge of cybercrime if only victims could deliver the right information to his officers at the right time

PSFU - ADEKOYA ADEYINKA

BY BROWN N. UGBAJA

COULD YOU EXPLAIN YOUR DAY-TO-DAY OPERAtions and wider force objective and how your focus has changed in years with the advent of cybercrime and online security? Maybe I’ll just start by giving you a brief background of the special fraud unit. Itwas established in 1993 by the former Inspector General of Police, Ibrahim Kumasi. The primary reason for setting it up was because of the prevalence, at that time, of advance fee fraud, popularly called 419. It was so embarrassing to the country and the government felt something needed to be done. To answer that, the police were tasked and they came up with the idea of a special fraud unit which was initially supposed to be like the special fraud unit in London Metropolitan Police. SFU was set up to look into major fraud cases in the country and also to address the method of advance fee fraud at the time that involved letters been written and sent through post by fraudsters to various victims around the world, soliciting advance fees for all sorts of schemes. In fact, it got to a stage that we seized one million letters that fraudsters had written and wanted to post out to various parts of the world. This was how people got set up then and conned. But with the advent of the internet and its accessibility to almost everybody and with every personal device like the mobile phone having easy access to the internet, they started migrating from using letters to carry out their fraudulent schemes to sending out mass emails. This practice is one of the prevalent forms of cybercrimes around here and as it evolves so also are the police able to respond to it. Overtime, the special fraud unit also has changed its mode of addressing this issue by not just going out looking for those responsible but also training officers to use ICT for detection and apprehension of the culprits. We have officers who have been trained to a degree and who are able to address the issue of cybercrime. They are not only in the special fraud unit but in other units of the Nigerian Police Force. Generally, we have the competency but that’s what we do here primarily and we have been making a lot of progress. Law enforcement agencies are struggling to meet rising

public expectation in an era of increasing borderless crime. What are some of the unique challenges you face today in policing the online environment? The online environment comes with a lot of challenges. When we talk about cybercrime, we must understand that there are two distinctive forms in the world today. One is cyber-dependent crimes and the other one is cyber-enabled crimes. The first one involves certain crimes that take place in the cyber space that cannot happen without a computer or a network. It depends on all elements of the cyber world for such crimes to take place. Cyber-enabled crimes are those day-to-day crimes we know about that are now being escalated because the cyber world has made it easier for criminals to go into them. We talk about fraud, identity theft, sexual offenses, stalking and even murder. People have used the cyber space to procure murder. The cyber space has enabled people to commit these crimes at a larger scale.This presents a lot of challenges because cybercrimes generally are high tech crimes, which means technology is involved. So to address it, you need to have that knowledge and have even more knowledge than the fraudsters. But then, training people in technology is very expensive; to acquire the knowledge you need to pay a lot of money. There are also forensic tools required to carry out investigations from computers to android devices like tablets and phones, etc and getting them requires a lot of resources. Even when you acquire the tools, you need to pay annually for some of the software or certification for most of them and after a while you’ll be asked to upgrade them. You’ll be spending money all the time in order to be up to date. That is one challenge. And there is the issue of the law itself. For every law enforcement, not only in Nigeria, the issue of the laws that deal with cybercrime sometimes present different challenges. In Nigeria, we have the cybercrime act, which has existed for some time now but the positions of the law have not been really tested. Secondly, looking at the rate at which new technologies are emerging, we find that some of the provisions of the law are not in tandem with the new technologies that are coming into existence. Yet, the law is not something you keep renewing every year and that is a chal24 /E-PAYMENT REVIEW/ MARCH 2018

We try to seize the opportunity to expose our officers to technology by getting people to come and train them here or send them to places where trainings related to cyber activity takes place so they can attain the required knowledge.

25 /E-PAYMENT REVIEW/ MARCH 2018

PSFU - ADEKOYA ADEYINKA

Interview lenge. There’s also the challenge of identity because of the anonymity of the cyber world. I can send something to your computer but you won’t know where I’m sending it from. If it is to your mobile, I can decide not to use a phone so you won’t track my number and use the internet. To track me you will find it difficult; may be you will trace the IP address and things like that but then it depends on the jurisdiction I’m sending it from. To identify the people responsible for the crime is an issue. Even when their identities have been established, you have to deal with the issue of jurisdiction if they are not operating from within your country. After you confirm the specific country where such persons are operating from, you can’t just bring them down to Nigeria to face justice. You start facing issues of extradition and to get through this you have to get the law enforcement in that country where the criminals reside to arrest such persons. Added to this jurisdictional issue is that for a country to attend to your request, the nature of the crime will also have to be a crime in that country or else it will be difficult for you to convince them since nothing happened to them. That’s a very serious challenge. Above all, the cost alone will be enormous. The investigations will demand a lot of resources especially when jurisdiction issues are involved. Basically, these are some of the challenge we face with cybercrime investigation in the country. That is added to the fact that people, especially big organizations, are sometimes reluctant to report fraud incidents. They may not want to report such incidents in order to avoid reputational damage because they provide services and want customers to trust in their system. So when they experience an attack, they try to cover it up and keep quiet. But it is only when people report these incidents that we can know the nature of the cybercrimes that are taking place and begin to think of how to address them. Some people believe that when they disclose to law enforcement that they were victims of cybercrime it will show that they are either stupid or greedy depending on the scheme used to defraud them. The digital security environment has become even more challenging with the concerns you outlined over the absence of infrastructure capacity for law enforcement to monitor the digital space on one hand and the growing threat from fraudsters and hackers on the other. How do these issues affect

I think it would be very useful and helpful when we have an academy that people can go to and be trained.

the ability of the Special Fraud Unit to carry out its duties in a way that is congruent with international standards? When it comes to international standard there’s also a problem there. What is international standard when it comes to cybercrime investigation? Each country has its laws and yes we can have good practices across all jurisdictions but we can only do the best we can because every environment has its own peculiarities. In Nigeria, with regards to the knowledge base when it comes to technology, we are not doing badly. What we do here is try the best we can to address the complaints we receive by using the knowledge we have with the little tools available to us. This means that extra work needs to be done. In some jurisdictions, when they get complaints they are able to address them easily because they have the tools but here sometimes, even if it’s a technology issue, we have to use our head to solve it and we have been getting results despite the short comings. The only major constraint at times is if other jurisdictions are involved. It becomes tough because we have to send a letter to the Minister of Justice and he has to send it to the Minister of Foreign Affairs of the country involved and there they’ll start the process and it takes forever. With the issue of cybercrime, time is of the essence. It’s all about speed. Overtime we’ve realized that the issue of jurisdiction takes a longer time and at the end of the day it may affect the outcome of the investigation. But in the area of investigations that are local, we are getting results. Recently, we arrested a lot of people who clone multiple ATM cards and are using them to withdraw money from people’s accounts. And we are going to do more. If you’ve been following developments in the banking sector from last year, you will see how the banks are all trying to outdo each other on the use of technology. Everyone is coming up with something new, which is good for our people but also comes with a lot of exposure. The people whom those projects are being created for are not very sensitive about security, so how do they protect themselves from cyber theft. Because of that we have always seen the need to continue to update our officers so they can address what is happening in the digital payment and technology environment. We are training them and building the kind of partnerships that will give them an edge over the criminals. I think we are not doing badly but there is room for improvement.

26 /E-PAYMENT REVIEW/ MARCH 2018

When we are looking at the room for improvement, we need to factor in the fact that technology is a murky area to majority of members of the police force both in its use for policing and in relation to the discussion around cybercrime. In your opinion, what are the most important technological advances you have seen in the past five years and how do these advances impact the work of the PSFU? There are so many technological developments that have proved very useful to our line of work but I am not going to mention them specifically before the vendors will think that I’m trying to help them market a particular product or otherwise. But they are tools that we use to make sure that those who perpetrate cybercrimes are apprehended. For instance, we have tools for extracting information from mobile phones. We can get the history of your online activity from your phone, which is usually useful in an investigation. There are tools that can get a recent image of a computer hard disk which will give us the information that we want and that can be used in an investigation. We have tools that we use for preserving the information on the hard disk in a way that we can present it in court. There are many of such technologies available that we use to get information that enables our officers to solve a crime. We have tracking devices that are useful for tracking suspicious activities and there are tools we use to identify the internet service provider in pinpointing where such suspects are located. They enable us to narrow down where a particular crime is originating from. There are many tools we use to help us in solving cyber related crimes. How does “physical” crime compare to the theft of data or information? What solutions can police officers adopt to address the emerging challenges with policing in the digital age? Like I said earlier, knowledge is important in trying to tackle the activities of fraudsters. Officers have to acquire knowledge and must be trained to be able to address the current challenges created by the use of technology. It helps the PSFU in addressing cybercrimes. But we need the cooperation of industry practitioners and the individuals that are targeted by these cyber criminals. Once there’s that collaboration it becomes easy to investigate such cases and bring the persons to justice. But where we don’t have that, it becomes a challenge. What we try to do is to reach out to organizations and individuals that we think would add value to what we are doing. We also try to seize opportunities to expose our officers to new ideas in law enforcement and investigation techniques by getting people to come here and train them or send them to places where trainings on cyber activity take place so they can attain the required knowledge. But because of the cost, many of them are not able to go for such training. What we do is that when those who went return, we insist that they deliver lectures here to their colleagues who were not able to go so that they too would benefit from the knowledge they have acquired. By doing so we are able to replicate the knowledge so that more people will be exposed to it. Many of our officers are also acquiring this knowledge on their own. Some register for online courses to carry out research on how certain things are done. Some of the courses they need to pay for while some are offered free. They try to relate what they learn to our local environment and it has proven very useful to us.

some of these cases and they are at various stages of trial in court but there are other provisions that situations have not warranted us to try. So, we wouldn’t know whether those provisions would stand the test of time or not. But the most important thing is getting industry practitioners to look at the law and review it because they have the knowledge and they will be able to relate what they experience to the provisions of the law. In the third issue of this magazine last year, we advocated the creation of a digital academy to train special police officers in order to fix the current dearth of skills in policing digital crime? Do you think that such an academy is necessary? I think it would be very useful and helpful when we have an academy that people can go to and be trained. There they would be able to interrogate some of the things they see in the field; sit down with people to look at those things so that they can come up with solutions to them. It’s very important that we have it but how soon can we get it done? It would require a lot of resources to set it up. Even if we can’t have a digital academy immediately, we need to have an office that is dedicated to the training of officers in all things digital. I don’t know how long it’s going to take to start up a digital academy but it’s very important we start somewhere.

We need the cooperation of industry practitioners and the individuals that are targeted by these cyber criminals. Once there’s that collaboration it becomes easy to investigate such cases and bring the persons to justice.

Among the challenges you outlined earlier, you mentioned legislation. Are there aspects of the cybercrime legislation you think could be improved to help investigators to work more effectively? I will not be really specific about the provisions of the law because I don’t have a copy here with me but I can tell you that any law related to cyber crime will require some review after 5-10 years. The National Assembly needs to bring in industry practitioners, sit down with them and let them go through some developments out there in the cyber world and what is in the law to see whether some of the provisions may require some amendment or areas that need to be brought up to date. Like I told you earlier, the cybercrime legislation that is in existence has not been really tested. We need to do some cases on them so that we can know their impact. I know we have charged some people in respect to 27 /E-PAYMENT REVIEW/ MARCH 2018

One of the reasons people gave for not reporting to the police when there is a fraud incident has to do with concerns about privacy. Privacy has steadily eroded over the past few years as a result of the lure of the people using social media and mobile devices. With police officers having access to personal information even the ones people are trying to protect, can we actually have a reasonable expectation of privacy when it comes to police investigations of cyber-crimes? We have had so many cases under investigation and has there been any issue of privacy violation so far? The answer is no. Our people are responsible and you find that all over the world cybercrime investigation is handled by responsible people. There has not been any situation where anyone raised an issue about a violation of their privacy rather we are the ones telling people to protect themselves. The thing is if they hadn’t exposed themselves, fraud attacks wouldn’t have happened. They only come to us after something has happened not before. I want you to comment further on cross-industry collaboration with law enforcement. E-PPAN, as an association, is pushing to make the prosecution of fraudsters an important factor in digital payment security and that would require law enforcement to be at the centre while key elements of the industry - processors, mobile money operators and banks – are around it and providing the necessary information. I think it is a great idea and I give it my one hundred per cent support. My hope is that cooperation and collaboration would be taken to a higher level so we can have a situation where law enforcement and the industry share ideas and pursue the same objective. I think that if the industry practitioners are assured of what you asked earlier about privacy and confidentiality, they’ll be willing to come forward to work with the PSFU. Companies are very careful and wary now because they don’t want their issues to go out to the public so that it doesn’t negatively impact their business. But once they are assured that it enhances the security of their businesses, they will work with us and I feel there’s a great way we can achieve that. Do we need to make legislation to set that into motion? I think it should be a cooperation thing because it will enable us to do things more creatively although there are times it could hinder us too. It is not everything that requires legislation. Cooperation is cooperation. There are several freedoms in the Nigerian constitution but nobody wants to come together to do something and that does not benefit the society. I don’t think we need a law, we need to start first and see what we can do amongst ourselves without needing a law to enable us do it. What people do in most cases is to sign a memorandum of understanding so that they can have something governing the relationship or how they want the relationship to work. We can have something like that but we need to convene first and take it from there.

In The Arena

ChamsSwitch Facilitating digital payments in a world where everyone is a merchant

WHETHER ONLINE PAYMENT, CARD PROCESSING, FUNDS TRANSFER, airtime top-up or gateway services, ChamsSwitch has just the right service for everybody. As one of Nigeria’s longest tenured online payment platform, the company uses industry best practices to power digital payments and support systems for varied organizations, the government, financial institutions and intermediaries as well leading merchants in Nigeria. ChamsSwitch offers digital-centric consumers a payment platform that is saturated with a rich set of indispensable and powerful value-added features in the areas of multichannel payments processing, transaction security, intelligent inventory tools and intuitive point of sale systems. In fact, the company’s avowed passion is continuously geared towards possessing and managing a world class payment system that can process and settle transactions efficiently, as well as using globally recognized solutions to aid interconnectivity to issuers, acquirers, merchants, service providers and other switches globally. And it is living up to its promise by helping innovate and prepare Nigeria’s grounds for a world that is in a race to be wholly digital. It is empowering businesses to be competitive by providing them with a platform that has the agility and flexibility to meet their distribution expectations, help them offer new products more quickly, and create a far better experience for their customers. ChamsSwitch has cemented its position in the market mainly because of early-mover advantages that have allowed it to build scale. Established in 2008 to provide electronic transactional and switching services for identity management platforms supported by the Federal Government, it has transformed into a digital marketplace for enhancing the way businesses and individuals pay and get paid. A subsidiary of technology behemoth, Chams Plc, since it was awarded a switching license by the Central Bank of Nigeria (CBN) in 2009 to of Nigeria, it has offered a comprehensive array of services that aid retail and corporate business transactions including person-2-person (P2P), bulk e-salary and e-pension payments, and payment gateway internet service for web processing (collections). The global payments ecosystem is constantly evolving into a complex universal network. As new fintech startups disrupt the way we move money around the world, businesses of all sizes need to keep informed about the changing payments landscape. To remain relevant and competitive, they need to understand today’s payment trends and consider how to advance their payment processes to meet the demands of modern commerce. So, ChamsSwitch is taking the guesswork out of electronic payment transformation for them, by combining its parent company’s core foundation in technology with flexible payment architecture that is dedicated towards removing barriers for businesses and creating opportunities for growth. The company has managed to cut through the noise in this crowded market. Its products and services are revolutionary in concept and are built to give its customers’ access any payment infrastructure with oneclick and without any media discontinuity. It is a full-stack gateway, provides a web platform that enables 24/7 payments and has designed a way to aid transactions in real time by simply sending an email. Gateways are the first step in the digital payment process, and they are crucial in helping companies more easily accept online transactions. They serve as the online version of a payment terminal and front-end processor for online and mobile sellers. ChamsSwitch payment gateway provides these values for businesses seeking a payment processing solution. It allows them to concentrate on their core activities by providing acceptance controls across multiple merchant channels including web and mobile. Its features include allowing customers to select preferred card payment options from a list of available payment processors and providing reports with flexibility for searching, based on unique product identity and payment reference for easy reconciliation. Money passing through

ChamsSwitch is taking the guesswork out of electronic payment transformation for them, by combining its parent company’s core foundation in technology with flexible payment architecture that is dedicated towards removing barriers for businesses and creating opportunities for growth.

28 /E-PAYMENT REVIEW/ MARCH 2018

the funds transfer system can be received in any deposit money bank account instantaneously. Additionally, ChamsSwitch services include seamless connectivity with multiple international and local card payment options including Visa and MasterCard as well as award-winning support, dynamic currency conversion, enhanced 3D secure authentication for online transactions, as well as advanced fraud screening and prevention. SwitchPay, the company’s switching service delivers cost-effective transaction routing and processing and also facilitates access to Nigeria’s digital payments system, including links to financial institutions and relevant card schemes. ChamsSwitch is a trusted partner for many banks, mobile money operators and other players who rely on it to provide their customers with seamless transaction experience. Its switch uses the latest, platform-agnostic technology, which allows it to integrate with any type of banking platform. Currently, these robust systems power a whole range of transactions including ATMs, cards, e-commerce and PoS terminals. Besides, Chams long-term industry connections with card schemes, financial institutions and core banking systems means its subsidiary can get businesses to market faster – ultimately allowing them to provide better services in addition to saving business time and money. ChamsSwitch’s other products are Naira.com and MailPay. The former was the outcome of research into the development of a multiplatform channel that will appeal to corporate entities as well as consumers. With the advent of mobile computing, transactions are no longer tied to the desktop. ChamsSwitch understands that digital services end users expect to be able to switch between desktop, tablet or smartphone anytime, anywhere. As internet aided devices become preferred channels for how people share information and do transactions, many businesses have been convinced to migrate their services online in order to expand their customer reach. As such, the company does not want businesses to go through the hassle of building responsive web portals or making tactical mobile development choices in order to be able to compete. To help, it created Naira.com, Nigeria’s premier online payment platform to offer a multi-channel interface to consumers. The portal is integrated with MailPay, a solution that ChamsSwitch and its partners developed to facilitate payment via email. Customers who are wary of login into a web or mobile platform before executing their transactions could process funds transfer, bill payments and collections by sending an email to a designated email address. Using both Naira.com and MailPay,

they can access and make payment to multiple billers including utilities like Ikeja Electric, EKODC, Lagos Water Corporation and subscription services like GoTv. The architecture includes a ConfirmMe service that offers seamless and full proof biometric identity-powered security system backed by NIMC’s national identity number. Service providers registered on the portal can run a quick check on individuals either seeking a job employment, school admission or a credit facility. The mobile version of the service permits users to make purchases on-the-go; a virtual card, part of a loyalty scheme for users on the platform, lets them accumulate gem points for every purchase made through Naira.com while an account verification system validates the accuracy of account name and number during bulk funds transfer. Through a combination of the services it offers, ChamsSwitch is helping organizations with a roadmap to implementing and integrating digital payment technology to align with their business objectives. That is because its

EMMANUEL OJO Chief Operating Officer of ChamsSwitch Key tech expert who has always been driven to understand underlying mechanics of things.\

team, the minds that created these groundbreaking products and cutting-edge tools, had a mandate to put payment control into the hands of the consumer. Since the beginning, ChamsSwitch has focused on building the company with the best people, especially top talents who have the kind of expertise to stand up new products and convert legacy products. For instance, Emmanuel Ojo, the company’s chief operating officer has never been satisfied with surface level understanding and has always been driven to comprehend the underlying mechanics of everything. As a young child, he taught himself how to design video games, which sparked his passion for software and helped him develop a fundamental knowl29 /E-PAYMENT REVIEW/ MARCH 2018

edge of computers. With a bachelor’s degree in industrial mathematics from the Federal University of Technology, Akure and a master’s in business information systems from the University of East London, Emmannuel’s passion for reducing inefficiency, coupled with his deep knowhow of software creation, led him to become a business development officer at RIA Financial Services in the UK. He was later recruited by Diamond Bank in 2008 to join its e-business operations and rose to head the department five years later. In 2015, Emmanuel moved over to ChamsSwitch and since then has been steering the company into different areas of success. With overall responsibility for the strategy and operations, his passion is to change how the industry implements and uses technology with his philosophy of reducing payment complexity for not only organizations but consumers in general. Also on the team is Temi Nelson who began her career in Shell in 1997 but later moved over to the banking industry after qualifying as a chartered accountant. She currently serves at the chief risk officer of Chamsswitch where her two decade multi-skills experience enables her to fit various caps while establishing a risk-aware culture and supporting the strategic directions of the company. She had worked in the internal control and audit division of erstwhile Standard Trust Bank where she became an area compliance manager before being deployed to financial control and external reporting in UBA after its merger with Standard Trust. Temi left UBA as the group head GL review and management to work with the Vega Group and Westminster Group UK as a senior management accountant and group management accountant respectively, where she was instrumental for various transformation projects for the companies’ clients like the UK Ministry of Defense, Home Office, and other government entities. Back in Nigeria, Temi consulted extensively for retail businesses, FMCG and other corporate organizations. She graduated from the University of Ibadan in 1997 with a B.Sc in agricultural extension services and is a fellow of the Institute of Chartered Accountants of Nigeria. Ensuring that the products of ChamsSwitch reach the right market and customer is the responsibility of Yinka Aboyade. Prior to coming to ChamsSwitch, he worked in the financial services sector for over a decade covering different business units in banking, focusing on digital retail products. Yinka held management positions with former Oceanic Bank, Ecobank and was engaged as a PoS business manager in Keystone Bank. He holds a bachelors of technology in quantity surveying from the Federal University of Technology, Akure as well qualifications in the dynamics of merchant acquiring. While ChamsSwitch’s strength lies in the diversity of its team of business managers and engineers who solve complex challenges in the digital payment domain, it is the company’s ability to build excellent client relations that sets it apart. It continues to work on “future proofing” its customers by giving them the tools they need to configure any type of product, use data analytics and connect to the internet in order to take advantage of the world’s extant digital reality.

NeFF Insight PRACTICAL ADVICE FOR THE MITIGATION OF PAYMENTS RISK BY THE NIGERIA ELECTRONIC FRAUD FORUM

Using security ratings to manage cyber risk With the growth in the number and sophistication of cyber threats, security ratings services patterned on consumer credit scores offer a solution

NEFF

By Mike Odusami A CHAIN IS AS STRONG AS ITS WEAKEST LINK-SO THE SAYING GOES. With an expanding business partner ecosystem, banks and financial institutions are evermore dependent on an interconnected and diverse network of services owned and operated by others. These third party services have opened up new business opportunities, expanded the quality of services offered to retail and corporate banking customers and accelerated internal processes required to meet the faster demands of today's competitive banking environment. Services offered by domestic and international partners, payment platforms managed by others, outsourcing services, cloud technology and telecommunications services provided by third party vendors have helped reshape the banking landscape and brought new levels of business agility to the financial services sector. The rise of fintech is expected to further expand the universe of core services performed for traditional banking institutions by relatively tech-savvy^ smaller and younger business partners. However, the use of third party vendors who have access to sensitive business data, are directly connected to your corporate network, or provide technology infrastructure brings with it new challenges since each player in the partner ecosystem, including the banks themselves, face cyber risks exposure that differ markedly and are ever-changing. So is the level of expertise and resources that each participant in the partner vaiue chain is able to invest to mitigate their risks. While the financial services sector is in general, at the forefront of the fight against cyber frauds through advanced internal security systems and established best practices for fraud detection, interconnected business partners, especially smaller organizations generally invest less in information security, have less mature technology processes and have a smaller capacity to detect and manage sophisticated security risks. Recent trends point to the use of these less security savvy third party organizations by attackers as staging points for launching more far-reaching attacks on larger organizations within the banking and retailing sectors. These threats constitute a clear and present danger to the sectors, and have prompted financial regulators and standards bodies around the world to pay closer attention to the risks posed to the banking systems by third party vendors. New regulations, guidelines and existing standards are being updated to reflect a focus on continuous third party cyber risk management which is now a key oversight requirement for the board of directors and senior executives as part of their overall vendor risk management responsibilities. Security ratings companies such as BiiSight Technologies are emerging to augment existing vendor risk management techniques by providing visibility into the effectiveness of cyber security controls promised by third party business partners, as well as those deployed within the banks. Similar to credit ratings provided by credit agencies for managing financial investment risks, security ratings are offered by independent parties and present a way to objectively assess the security performance of all participants in an interconnected partner ecosystem. As evidenced by the spate of security breaches that occurred in 2014 and 2015 at reputable global organisations, your bank's risk exposure from cyberattacks hinges not only on your own internal security and compliance efforts, but also on the strength of third parties that you share confidential customer data with, and those that are connected to your information systems. Some of the most damaging cyber-attacks reported in the last two years were perpetrated by exploiting weaknesses in third party information systems. In one example, attackers injected a malware into the facility monitoring systems of a bank's building maintenance services company to gain access to and sniff out weak systems within the bank to steal confidential customer data and corporate information. Stolen customer information is usually a prelude to other forms of malicious attacks (such as phishing attacks via email) and financial frauds including account takeover, and credit cards frauds. These attacks highlight the shortcomings of current techniques for manag-

Dipo Fatokun Chairman of NeFF and Director of the Banking and Payment System at the Central Bank of Nigeria (CBN) and Hajiya Umma Dutse, Director, Consumer Protection, CBN at the the NEFF stakeholdersâ&#x20AC;&#x2122; workshop on cybercrime.

Basil Udotai, Managing Partner, Technology Advisors speaking during the session on â&#x20AC;&#x153;Enforcement Challenges Inherent in the Cybercrime Act 2015â&#x20AC;? at the NEFF Stakeholders Workshop on Cybercrime on May 30, 2017 at Transcorp Hilton, Abuja.

ing third-party vendor risks, even when the target organizations meet other security compliance requirements such as PCI-DSS. Starting with periodic vulnerability scans and manual vendor assessments which are based on subjective 'point in time' questionnaire responses and a checklist of available security controls at the time the vendor is recruited, the assess merits are designed mostly to validate the existence of required security controls by vendors, but they do not verify the effectiveness of those controls on an ongoing basis. Periodic scans provide a point in time snapshot of known vulnerabilities. Without continuous monitoring backed by real-life data, it is difficult to know for example, how quickly your vendor responds to new threats and vulnerabilities; or how many days a botnet spends on the vendor's network, sending data to attackers before it is discovered and eliminated. And with a typical bank having 200 or more tier one business partners in their 'supply chain', vendor risk management systems based on manual processes are not scalable beyond a handful of vendors. The rising concerns about cyber risks to financial institutions through third party vendors coupled with the gaps in existing assessment methods in a constantly changing threat landscape made regulators around the world, including the Central Bank of Nigeria (CBN), to issue new guidance for managing broader cybersecurity risks and those risks specific to business partners. In the United States for example, various financial services regulatory agencies are taking a second look beyond the current system of questionnaires for third party risk assessments and demanding deeper oversights based on continuous monitoring. As an example, the New York State Department of Financial Services (which oversees many of the largest US financial institu-

30 /E-PAYMENT REVIEW/ MARCH 2018

tions), called for greater cybersecurity oversight by financial institutions and required implementation of policies and procedures by the banks with these minimum requirements: Setting overall cybersecurity policies and

Osioke O. Ojior, Chief Risk Officer, Nigeria Inter-Bank Settlement System (left) and Ifeanyi Emefiele, Head of Anti-Fraud Audit and Deputy General Manager, Access Bank Plc at the NEFF stakeholdersâ&#x20AC;&#x2122; workshop on cybercrime.

Cross Section of stakeholders at the annual retreat of the Nigeria Electronic Fraud Forum (NeFF) held at Iyaganku, Ibadan in November 2017. the retreat had the theme "Operationalizing a four sided approach to preventing fraud

procedures; creating policies for managing third-party service providers' cybersecurity; hiring qualified CISOs, staff and vendors to ensure sufficient cybersecurity and cyber-intelligence capabilities; ensuring CISOs enforce cybersecurity procedures and standards that ensure application security. It also includes using multi-factor authentication for customers accessing online banking, and for employees and service providers accessing internal systems and data; auditing all related processes and maintaining cyber-incident and breach notification policies. Some of these requirements, or their equivalents, may have been implemented by banks in Nigeria as part of their overall security posture while others use of multi-factor authentication for access to banking processes and systems, have been mandated by the CBN. In addition to implementing the processes and solutions required to meet new vendor risk management guidelines, and to comply with revised standards such as PCI-DSS, financial institutions are also being asked for information about their firm's exposure to cyber risks by their boards of directors who read headlines about breaches involving high profile retailers and major banks. They are concerned about the financial impact, sanctions by regulators and reputational damage to their brand and their firm's preparedness. From the foregoing, a combination of demands is driving new approaches to third party vendor and cyber risk management strategies. One is communication of security information to the board of directors on a regular basis to address their concerns about the cyber risk faced by the banks and demonstrate preparedness. Two, managing the security performance of critical vendors and partners with verifiable data minimal overhead, and with auto-

mated monitoring. Three, meeting regulatory and compliance requirements for continuous monitoring of third party vendors to augment other point in time assessment and audit techniques Security ratings emerging as one of the popular approaches for continuous monitoring of vendors to support these risk management strategies. Ratings are quantitative and objective measurements of the security performance of a vendor based strictly on measurements taken from outside the organization. No information is needed from the vendor to create a security rating. Compared to financial investment risks which are usually 'easier' to quantify using tried and tested financial instruments such as credit ratings and risk management techniques, cyber risks are much trickier to assess due to lack of quantifiable methods to rate and determine how secure an organization is compared to others - until security ratings services became commercially available about four years ago. The analogy with credit ratings is instructive. Credit scores are generally accepted external indications of the financial health of an individual, corporation or nation state, and have been successful due to their simplicity, accuracy and ability to compare the score of one entity with others. Additionally, the ratings are performed by independent credit ratings agencies, which are autonomous of the credit issuers and investors to remove bias in ratings. Security ratings services aim to achieve similar universal acceptance as a standard by providing an indication of the effectiveness of an organization's information security controls based strictly on externally observable metrics tracked by independent parties. To be clear, the ratings are designed to complement other security and compliance programs or tools deployed to safeguard a company's security such as firewalls, intrusion detection/detection systems, two-factor authentication, assessments and audits etc. However unlike manual assessments or periodic vulnerability scans, security ratings are based on continuous measurements. In one implementation, three categories of metrics are tracked - metrics based on external security events; the organization's security hygiene or diligence; and user behaviour. Proprietary algorithms and Big Data techniques are then applied to the collected data to create a rating, ranging between a low of 250 and a high of 900 for the organization. This is exceptionally easy to communicate to regulators and internal stakeholders within a bank and to the board of directors. External events observed include information on active malware, breaches, botnet activities, mass email propagation and other evidence of compromise. Security hygiene is derived from security configuration metrics that are representative of the diligence of the IT team in mitigating cyber risks. A properly configured email server, for example, can help prevent phishing attacks. Other examples of hygiene metrics observed include SSL certificates, use of non-compliant encryption protocols, Open Ports, DNS and DKIM records and others. User behaviour includes activity such as peer-to-peer file sharing. With these benefits, security ratings are becoming an effective tool for mitigating third party cyber risks, from the onboarding process through continued assessments. Companies have successfully utilized them to screen new vendors and negotiate minimum standards of cyber security performance. Once onboarded, these ratings prioritize actions for further assessments, allowing businesses to focus resources on the highest risk third parties. Since their introduction, security ratings services have been used by banks to support business oversight responsibilities by the board and senior banking executives, including due diligence in mergers and acquisitions. In one case, a bank client that acquired a smaller bank, noticed a considerable drop in their security ratings score following the integration of information systems from both banks. This was because of laxer security diligence by the acquired bank that showed increased staff use of peer to peer file-sharing sites for media and software downloads, elevated botnets activities and other observed risk vectors, which lowered the bank's overall score. Clients have also used their own security ratings for internal decision-making purposes such as justification for new cybersecurity investments, for demonstrating security performance trends to quantify improvements over time, and for comparisons with other banks. We have also recently seen the use of security ratings in the emerging market for cyber insurance as regulators demand adequate financial coverage for potential losses and legal costs resulting from cyber-attacks. Insurance firms are increasingly relying on security ratings to determine if a client has adequate security controls in place to be insured, and they are continuously monitoring the security ratings. Mike Odusami is the President and CEO of Maxut Consulting, a cybersecurity solutions provider with offices in Lagos and Oakland, USA. Culled from 2015 NeFF annual report.

31 /E-PAYMENT REVIEW/ MARCH 2018

The Risk Report BITDEFENDER BOX 2

A firewall for everything COMPANIES SPECIALIZING IN COMPUTER SECURITY ARE DEVELoping more and more solutions to secure connected objects. In 2015, Bitdefender released its first-generation Box. Three years later, the Romanian cybersecurity and anti-virus software specialist is back with the Box 2, a cross between a home router and antivirus software. It does the usual router tasks, but also scans devices for common vulnerabilities, and warns you of unusual behaviour. You can use it to check up on data use, see what’s connected to your network, pause devices, and so on. It also delivers notifications; for example, it will tell you when a new device connects to your network, or when any protected device attempts to access a malicious URL. Maybe you’re being mindful of security, but what about everyone else who uses your computer or network? The Box can tip you off if someone’s gullible enough to click on an ad promising a free iPhone. Parents may also be interested in the parental control features, like restricting access by time or by type of website. These are mostly handled through a web interface but a greater degree of monitoring is available with Android phones, including real-time location tracking.

CYBERTHREAT REPORTS

BITDEFENDER

Organizations globally affected by crypto-mining malware HACKERS HAVE DEVELOPED MORE sophisticated methods and techniques for installing malicious software on PCs to mine cryptocurrencies, as detailed by researchers at Kaspersky Lab. The cybersecurity group said the most successful cybercriminals had earned millions of dollars exploiting PC vulnerabilities over just six months of 2017. “Many cybercriminal groups have switched to malicious miner distribution, and the number of users that have encountered cryptocurrency miners has increased dramatically," said Anton Ivanov, Kaspersky Lab lead malware analyst. "We have found, that by the end of 2017, 2.7 million users had been attacked by malicious miners – this is almost 1.5 times higher than in 2016 (1.87 mln).” He said the recent exponential growth of digital currencies had seen ransomware give way to the crypto mining threat. Kaspersky Lab, its team first noted a rise in miners in September 2017, when the software actively spread across the globe. The company describes miners as a class of malware that has continuously grown and extended its impact. The researchers identified one cybercriminal group that uses advanced package tool (APT) techniques to infect PCs with miners. Others are also known to have secretly infected certain web pages using special codes. Adware, pirated software, and cracked games are also used to infect users PCs, Kaspersky Lab added. The company recommends that users avoid clicking on suspicious banners and ads or unknown websites to protect their PCs from infection. It is also best not to download or open unknown files from unverified sources and to install a reliable security solution.

Cybersecurity takes top billing in the EU fintech action plan

Mobile security is about to become more robust

Hackers can access private WhatsApp conversations

CYBERSECURITY IS DOMINA-ting the European Union's upcoming fintech action plan, with a draft emphasising efforts to improve cooperation and coordination between market participants and regulators. Recognising its potential threat to the stability of the financial sector, the European Parliament has called on the EC to make cybersecurity "the number one priority" in the FinTech Action Plan. The draft plan calls for the creation of an EU Fintech Lab, where the ESAs and national regulators can engage with fintech firms working in areas such as DLT, cloud tech, AI and APIs, in a "neutral, non-commercial space" during targeted sessions. The plan will set out legal framework for crowdfunding,as well as authorising and licensing approaches for fintech activities, and "assess the applicability" of the current EU regulation on cryptocurrencies and initial coin offerings.

MAJOR US CELL PHONE CAR-riers are working on a mobile authentication system that could create a new open standard. Under the banner of the Mobile Authentication Taskforce, AT&T, Sprint, T-Mobile and Verizon say they have a solution which could roll out before the end of the year: next-generation, multi-factor mobile authentication, which is intended to provide better security than the two-factor authentication we've become accustomed to (and which is not without its flaws). The platform, powered by the carriers' networks, works by delivering a cryptographically verified phone number and profile data to authorized applications with the user's consent. Then it takes into account a whole bunch of other authenticating factors, such as a network verified number, IP address, SIM card attributes and phone account type, to make sure purchases and data usage is legit.

PRIVATE CONVERSATIONS beware! Despite end-to-end encryption now being commonplace in WhatApp conversations, German cryptographers have discovered a minor flaw in WhatsApp’s security that could lead to private conversations being gatecrashed by uninvited hackers, bypassing the usual chat admin invitations. In their paper, More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema, presented to other enthusiasts at the Real World Crypto Symposium in Zurich, Switzerland, the team warned that WhatsApp has no security measures to stop invitations being spoofed from their own servers, leaving a hole that could leave millions of conversations at risk of being snooped on. A WhatsApp spokesperson admitted that the flaw was real, but pointed out that there was no way that the added user could be hidden and receive messages from the group.

PRIVACY & SECURITY

2017 was the worst year in history for data breaches THE PAST YEAR HAS OFFICIALLY SMASHED THE RECORD FOR DATA BREACHES, ACCORDING TO RISK Based Security’s annual report - another sign that criminal hackers are winning. In total, there were over 5,200 breaches and almost 8 billion user records exposed. Compare that to 2016’s total of 4 billion records and 2017 was twice as ugly. Hacking was a popular method for the data leaks, but it wasn’t the main reason for the massive spike. This was due to unintentional leaks; in other words, human error. Employee screwups caused approximately 5.4 billion records to be leaked, stemming from faulty backups, misconfigurations, and other errors. When looking at the Top 20 list of all-time biggest breaches in history, a staggering eight occurred in 2017. Forty percent of data breaches in 2017 occurred within the business sector and a further 8% in the medical industry. Government and education were responsible for about 7% and 5%, respectively. The U.S. had the most breaches with 2,330, followed by the UK at 184, Canada at 116, India at 78, and Australia at 62. However, in May, the European Union’s General Data Protection Regulation goes into effect, and with new rules for mandatory breach notifications, we may see numbers from Europe go up. 32 /E-PAYMENT REVIEW/ MARCH 2018

VIRUS SHARE

MISSING CRYPTOS

COSTLY DAMAGE

CHINA RISING

Amou Estimated cost of cyber crime to the global economy annually, according to a report jointly released in February by U.S.-based cybersecurity firm McAfee and the Centre for Strategic and International Studies.

Amount Amount that experts are accusing hackers of stealing from funds raised through initial coin offerings (ICOs). Whether the whole amount went to hackers, however, is currently not clear, according to Ernst & Young.

Amount Average cost of one data breach for large businesses in 2017, almost a 10% increase from 2016, which was tagged at $1.2 million, according to Kaspersky Labs which pegged the cost for small firms at $117,000.

Chinese consumers who have experienced a mobile payments security threat according to a UnionPay survey that found people had been exposed to some kind of mobile payment security threat, including information leaks, fraud or malicious attacks.

$600 billion

$400 million

$1.3 million

60%

MASTERCLASS

OMATE

Digital Encode train reporters on cyberthreats INFORMATION SECURI-ty and assurance services company, Digital Encode, has disclosed three defensive strategies that would help organization and individuals to fight the menace of cyber attacks effectively.They are prevention, resilience and detection/recovery. Oyediji Simileoluwa, a senior consultant at the company said at a Cybersecurity Masterclass Training for ICT Journalists in Lagos, that prevention increases the difficulty of attacks, resilience allows a system to remain functional despite the attacks, while detection/ recovery would allow systems to more quickly detect and recover from attacks to a fully functional state. Simileoluwa asked organizations to realize that they are an attractive target to hackers, warning that they should never say, ‘it won’t happen to me’ as security is a journey and not a destination. He also advised that there is a need to practice good password management. “Use a strong mix of characters, and don’t use the same password for multiple sites. Don’t share your password with others,” he said. Simileoluwa also pointed out that in information security, there is no 100 percent security, but one sure way to secure a system from network attack is to unplug it from the network and make it a standalone system. He however believes that, although the system could be relatively safe from internal and external attackers, its usability would substantially reduced.

KEEP YOUR KIDS SAFE WITH THIS COLOURFUL WATCH: Chinese smartwatch maker Omate is showing off its collaborative effort with Diablock, a Japanese toy manufacturer - a dedicated smartwatch for children. The Omate x Nanoblock marries both design and safety. It offers security features such as SOS alerts, two-way voice and video chatting, as well as a three-day battery life, an alarm, pedometer, stopwatch and front-facing camera. Crucially, its location tracking comes through 3G connectivity, provided through a built-in SIM card. This helps detect a wearer's location, which is triangulated through GPS, Wi-Fi hotspots and cellular networks. And none of its data can be compromised. FUTURE OF IDENTITY

Users value security over convenience THE TIDE IS TURNING WHEN IT COMES to consumer perspectives around digital identity and authentication: A report from IBM Security has found that people now prioritize security over convenience when logging into applications and devices, while biometrics is going mainstream. The study, which surveyed nearly 4,000 adults from across the US, Asia Pacific and Europe, uncovered that security has become the highest priority for logging in to the majority of applications, particularly when it came to money-related apps: 70% of respondents ranked security as the top priority over convenience or privacy when logging into investing, budgeting, and banking apps. Overall, respondents recognized the benefits of biometric technologies like fingerprint readers, facial scans and voice recognition, as threats to their digital identity continue to mount. However, the report found generational

differences in terms of how that security is enabled. Younger adults are putting less care into traditional password hygiene yet are more likely to use biometrics, multifactor authentication and password managers to improve their personal security. About 67% of respondents are comfortable using biometric authentication today (and 87% said they will be in the future), compared to 75% of those aged 20-36. However, less than half of millennials are using complex passwords and 41% reuse passwords. Older generations showed more care with password creation but were less inclined to adopt biometrics and multifactor authentication. With millennials quickly becoming the largest generation in today’s workforce, these trends may impact how employers and technology companies provide access to devices and applications in the near future, IBM noted.

33 /E-PAYMENT REVIEW/ MARCH 2018

THREAT LEVEL UNFIXED FOR NINE YEARS: Mozilla was left red-faced after a software developer discovered a flaw in Firefox and Thunderbird’s password manager which was nine years old. Wladimir Palant, who developed the Adblock Plus extension, found a red flag when looking through the source code. He discovered the function that converts a password into an encryption key was still using the unsecured SHA-1 hashing, which was recommended for replacement with SHA-2 or SHA-3 in 2010. NOT READY TO SHARE: The Chinese government has taken action to ensure security researchers from the country to do not share their knowledge at cybersecurity events outside of China, particularly those in Western countries, according to CyberScoop, which also reported that Chinese security services have been accused by researchers of vetting submissions to China's National Vulnerability Database in order to cherry-pick the best ones for use in cyber espionage. PROTOCOL FLAWS: Fresh LTE vulnerabilities can be exploited by hackers to eavesdrop on calls and text messages, spoof emergency calls and even knock mobiles offline. Scientists at the University of Iowa and Purdue University uncovered the 10 attack vectors that exploit flaws in three critical protocol operations of the 4G LTE cellular network. One such worrying vulnerability allows hackers to attach a device to the network and use it to spy on the communications of others on the network, as well as track their locations. DEEP FLAW: Researchers have found that Microsoft's Cortana AI assistant responds to commands even when computers are asleep and locked, and that attackers can bypass the login screen on machines and install malware by directing commands at it.

Roundtable

A look at how increasing the number of POS terminals and their utilities can help develop sustainable payment models that will power faster delivery of the twin ambitions of Cashless Nigeria and financial inclusion.

Ilevbare

Boosting MSME Payments at the Point of Sale RESPONDENTS Femi Omogbenigun Managing Director/CEO, 3Line Card Management Limited Kabir Lanlokun Manager, Business Development Citiserve Limited Victoria Ilevbare Head, Business Development Global Accelerex Limited

HOW DO YOU THINK NEW DIGITAL PAYMENTS technology can help small businesses meet the demands of today’s consumer? ILEVBARE: Digital payments can help small businesses in a number of ways if well implemented. It can help them keep accurate transaction records, and this in turn helps to reduce human error, and cases of fraud/theft. It is also useful for business analysis and tracking of trends. Most modern payment technology systems have built in tools for reporting and analysis for this purpose. Digital payment methods can also Improve the customer experience for small businesses. Digital payments have tools for customer loyalty, and automatic discounting which allow them to reward their customers and get repeat business. Many digital payments are also omni-channel in nature, allowing the customer to access them wherever it is convenient. Convenience is key for today’s consumer. Artificial intelligence is a budding trend in digital payments, customers can take advantage of features such as real-time digital shopping assistants to help improve their shopping experience. LANLOKUN: Digital payment is head and shoulders above cash transactions because it gives parties on the value chain access to online, real time transaction history, offers improvement in the reconciliation of transactions, 34 /E-PAYMENT REVIEW/ MARCH 2018

gives access to an electronic summary of transaction report and leads to reduction in overhead and operation expense. It gives businesses the ability to have an integrated system i.e. PoS in the cash register or enterprise solution. OMOGBENIGUN: Digital payments have grown tremendously in Nigeria over the last five years. Customers are embracing digital payment platforms as a convenient way of making payment. Research has also shown that customers spend more at locations where digital payments are accepted compared with locations where only cash is accepted. Digital payments help SMEs leverage technology without the business owners been tech savvy. This has helped in improving operations, customer experience and expanding businesses without any need for additional brick and mortar branches. Digital payments give SMEs better insights into their customers spending patterns which in turn helps the owners to make informed business decisions What do you think are the factors responsible for retail PoS systems’ low user adoption rates among small businesses? LANLOKUN: The reasons are many and they revolve around such issues as bulk settlement of transactions i.e lack of breakdown of transactions for merchants, banks failure to conform with the T+1 timeline for settlement of transactions, and the absence of adequate customized applications on the PoS for retailers. For customers, it has to with inadequate resolution process; dispute resolution in banks is too cumbersome and doesn't favour customers and the fact that we are mainly a cash-based economy, which means cash is cheaper and easier to get by citizens. OMOGBENIGUN: There are many factors affecting POS systems use, some of which are: Transaction settlement, which is a major issue responsible for the low adoption of POS payments. Transactions are meant to be settled at T+1 but the reality could be T+ 14days. This has discouraged many small business owners who are dependent on recycling the revenue made daily. So these businesses are not able to replenish their stock quickly enough to serve their

tion processing and reconciliation. The ideal payment platform should be able to manage inventory, make/receive payment and also reconcile accounts. There are a few applications in the market that combine these functionalities all in one box. This has helped to make business operations seamless, reduce operational cost and provide data for business decision making. ILEVBARE: We should be looking at integrated Point of Sale systems that provide one line of reporting for cash and card transactions for easy reconciliation. We also need digital invoicing applications that eliminate the paper trail and can serve as a means of collecting customer data for trend analysis and business decision making. Also important are inventory management solutions for stock tracking and digital solutions for Customer loyalty, discounting, and promotions. LANLOKUN: I think that in addition to the channels listed above, the PoS will do especially because it issues receipts which would be useful for dispute resolution. Another is USSD because it offers customers a more flexible approach to selfservice options. Compared to PoS, it gives consumers more flexibility in terms of usage.

Omogbenigun

customers. They are forced to wait until the banks settle them before placing fresh orders. Some have argued that it is the transaction fee that discourages SMEs from using POS terminals but research has shown otherwise. There hasn’t been a significant shift in the number of POS transactions at SMEs after the merchant service charge was reduced to 0.75%. Banks need to ensure that transactions are settled within the stipulated time framework because doing so with boost PoS adoption by SMEs. Another issue revolves around dispute resolution. This affects customer experience because majority of merchants do not have mechanisms to resolve payment issues or know what needs to be done when there is a transaction dispute. In cases where they direct customers to their issuer banks, the dispute isn’t resolved on time and this has been cited by customers and merchants as one of the reasons they are wary of using the POS for transactions. Merchants needs to be trained to handle transaction disputes. They need to understand the resolution process. Customers will be better managed if the merchant is able to provide first level support in resolving an issue. Other factors that have also affected POS adoption is cost. The POS transaction charge is more expensive when compared to cash. There are no fees on cash handing and deposit into business account. This makes using POS more expensive and hence the merchants’ decision to accept more of cash than POS payment. ILEVBARE: It has to do with a lack of adequate information on the workings of the POS system and wariness of bank charges and the universal T+1 model. Small business owners often want instant value to reflect in their business accounts. There is also the problem of erratic infrastructure leading to a large percentage of POS transaction failures and this has resulted in the hesitance of some small businesses to adopt the system.

Lanlokun

Are there any remarkable factors of success or challenge that have surfaced in some earlier cases of POS adoption in other places? Would the factors apply to the Nigerian market? OMOGBENIGUN: In countries where POS adoption has worked, the cost of cash to the business is always higher than electronic payments. In Nigeria it is the contrary, it’s cheaper to collect cash as there are no charges on deposits; not even for pick up by banks. The CBN identified this and introduced the cashless policy, which was meant to change the situation but the policy has not fully gained ground. There are lots of challenges around the electronic elements especially electricity and network connectivity. Also, banks lack efficiency in the aspects of transaction settlement, dispute resolution, merchant training and channel support. LANLOKUN: We need an ecosystem that is driven by the convergence of existing platforms with peer-to-peer payment applications like what Wechat and Alibaba are doing in China. Payment providers need to strengthen their relevance to both consumers and merchants by providing digital payment services using devices such as mobile phones, tablets, computers, and wearables gadgets. To boost digital payment adoption, banks have to explore offering their payment services using online and messaging platforms. These platforms will provide a variety of social networking and peer-to-peer products and services to customers who feel more comfortable using these channels for payment functions. With the influx of varied digital payment channels, what technological solutions will be more efficient in supporting retailers? OMOGBENIGUN: To maximize the benefits of digital payment, there is a need for SMEs to adopt a platform that can provide end-to-end transac35 /E-PAYMENT REVIEW/ MARCH 2018

What strategies do you think would help drive PoS adoption by MSMEs in Nigeria? ILEVBARE: There should be fewer barriers to acquiring a POS device and businesses should have several options when it comes to acquiring Point of Sale systems. There should be more public information on the use, processes, issues and challenges surrounding the POS. Businesses are more likely to adopt the POS when they are aware of its multiple uses as a tool e.g airtime sales, ticket sales, distributor management. We need better public infrastructure, and a reduction in failure rates in transactions. LANLOKUN: We need to do more public sensitization to increase people’s confidence in digital financial services. The micro, small and medium enterprises (MSMEs) assume that digital payment is for established businesses. Penalty on cash handling should be re-introduced and enforced. Charges should be on both deposits and withdrawals. Besides, the cashless initiative should be enforced in every part of the country and not major cities but it would require banks to reduce the minimum criteria for giving PoS terminals to merchants, especially monthly transactions. Payments to government, school fees, and utility bills should be made via digital technology. Chain stores and card schemes should offer loyalty rewards to customers on card usage. OMOGBENIGUN: The payment ecosystem in the country has become more robust, secure and reliable, unlike a few years ago when network connectivity, merchant and customer confidence affected usage. Full implementation of the cashless policy will have an immediate impact on POS adoption. It will also make POS transactions cheaper. We need to address the issue of settlement. Once businesses are assured that payments will be settled within the agreed time, it will help drive adoption. Electronic payments are safer than cash collection, businesses know this but the current structure might leave them without a choice but to collect cash. I will also recommend an industry SLA for POS transactions which will ensure that issues are resolved within agreed timelines and where they are not, the party responsible get penalized. This will help introduce better efficiency in the value chain.

NIBSS Fraud Report Fraud Landscape in Nigeria 2017 Executive summary

The year 2017 was indeed an eventful year in the e-payment space with new products/services launched, many challenges encountered and the emergence of advanced fraud schemes. The outlook of 2017 events would be incomplete without acknowledging the increased level of collaboration amongst stakeholders which was highly commendable. The year ended with an impressive reduction in amount lost to fraudsters when compared with the last three consecutive years despite an increase in fraud volume. The industry was able to salvage much more than last year through its counteractive and collaborative approach. The financial industry could attest to rapidly advancing technologies, evolving customer expectations and a dynamic regulatory landscape which served as the propellant for the conceptualization of innovative products and services churned out to the consumers. These innovative offers have not only captured the attention and imagination of the customers but have also increased their confidence in e-payment while utilizing these products and services. With all these and having opened up various electronic payment platforms to drive financial inclusion and adoption in the country, a surge in fraud attempts was actually expected. The rise in electronic payment products came with its unique and dynamic threats. The interventions by the various stakeholders are worthy of note with everyone playing her part to ensure that the fraudsters were unable to prevail against our collective efforts. With over N4 billion fraud attempts recorded, the industry was able to salvage a total of N2.4 billion which represents about 60% of the total attempts. The industry also recorded a commendable feat of 24% reduction in actual loss amount when compared to 2016. Even though the reported fraud volume increased in 2017 by 28%, this is the lowest year on year fraud attempt increase since 2014. The Nigeria financial industry recorded yet another feat in fraud reduction for the 3rd consecutive year. In conclusion, we implore all stakeholders not to rest on their respective oars but rather brace up for what is to come. Let us not relent in our collaborative and counteractive approach to ensure continued reduction in gains accrued to the fraudsters.

mating payments in Nigeria. Next to Instant Payment channel in transaction volume was POS which more than doubled from last year figures with a percentage increase of 129.69% thereby lending credence to the continuous drive in the adoption of cashless modes of payment. Transaction value of POS also increased. At 55% of the entire transaction volume, ATM preceded Instant Payment as the highest in transaction volume. The Bulk payments include NIBSS- based transactions such as Automated Bulk Clearing (ABC), NEFT, NAPS, e-BillsPay, CentralPay, etc. Transaction Volume by Products (in Millions) [2016 Vs 2017]

Transaction Summary 2017

The year 2017 closed with an increase in both transaction volume and value so much that we saw a 59.72% increase in volume and a 40.95% increase in value when compared to 2016. Trends across the years show a steady increase in transaction volume and value. Transaction Value in (N, Trillions) [2016 Vs 2017]

Transaction Volume (in millions) [2016 Vs 2017]

Year Volume (Millions) 2016 869 2017 1,388 % difference between 2016 and 2017 59.72

Transaction Trend by Month [2016 Vs 2017] Volume in Millions

Value (Trillions) (â&#x201A;Ś) 69.1 97.4

Transaction Trend by Month [2016 Vs 2017] Value in Millions

40.95

The entire volume of processed transactions in 2017 was a record high of 1.4 Billion while the value was over N97 trillion. These figures represent transactions processed through the Nigeria Central Switch (NCS) and Automated Teller Machine (ATM) transactions.

Transaction by Products

Almost all products increased in both volume and value for the year 2017 when compared to the year 2016. The Instant Payment made up for the bulk of transactions at 28.3% and 58% of the entire transaction volume and value respectively. The instant payment as a product also experienced an increment of 140% in volume and 46.97% in value when compared to last year. The Instant Payment still remains one of the most viable ways of consum-

Foreign Transactions On Nigerian Cards

Foreign transactions took an upward spike with a definite rise in its volume and value. POS saw a startling increase of about 5670% in value compared to last year. This made up for about 45% of the entire foreign transaction value.

36 /E-PAYMENT REVIEW/ MARCH 2018

Regulatory policies, availability of the forex, increased spending limits and possibly the slight appreciation of the Naira could have aided this increment. Products 2017 ATM POS Others Web Total

2016

Volume 259,679 1,974,599 156,043 1,844,972 4,235,293

Volume 3,715,315 3,656,895 359,985 2,575,702 10,307,901

2017

2016

Value 5,271,187,405.65 23,842,501.010.38 2,801,987,311.91 20,555,792,827.85 52,471,468,555.74

Value 474,457,039.74 413,101,187.95 30,374,688.08 109,819,535.79 1,028,252,451.56

Transaction Volume by Products (in Millions) [2016 Vs 2017]

Year Fraud Attempted Fraud Actual Loss Volume Value (₦) Value (₦) 2016 19,531 4,368,437,371.64 2,196,509,038.78 2017 25,043 4,034,258,639.07 1,631,680,256.85 The figure above shows that 25,043 fraud cases were reported in 2017 as against 19,531 in the Year 2016. Although, there was 28% increase in reported fraud cases when compared with last year, we witnessed 24% reduction in actual loss value. The reported frauds for the year 2017 stood at 4 Billion Naira and 1.63 Billion Naira for attempted fraud value and actual loss value respectively. The decrease of 24% in actual loss value due to perpetrated fraud was a lot higher than the recorded 2.65% decrease recorded in 2016. Again, this was made possible due to effective collaborations which exist among the various institutions in the fight against the menace called fraud. Having lost a whopping sum of 6.2 Billion Naira in 2014, the financial industry had to unite to fight against electronic fraud. Today, various decisions and interventions from the regulators and all stakeholders have produced positive results. At the close of 2017, even though, the 2014 fraud volume had increased from 1,461 to 25,043 which represented over 1600% increase, the industry can confidently affirm that the figure lost in 2014 had been reduced by 4.5 Billion Naira representing about 74% reduction. Fraud Volume [2014 - 2017]

Fraud Value in (N, Millions) [2014 - 2017]

Fraud At A Glance - 2017

Cheques N18m

E-commerce N38m

Fraud count continues to increase but fraud loss continues to decrease

PoS N79m

Others N117m * Please note that figures may not add up due to approximation.

Web N133m Internet Banking N143m

* This chart shows the actual loss value as reported on the anti- fraud portal for 2017.

Fraud Per Channel

Analysis of reported frauds per channel showed that the Automated Teller Machine (ATM) recorded the highest fraud volume and value for 2017. This was followed by Web and Mobile channels occupying the second and third positions respectively. These three channels recorded a total number of 20,185 accounting for 80% of the fraud volume for the year 2017. It is pertinent to note that the ATM has been the most used channel for fraudulent transactions in the last four years. ATM also recorded the highest fraud loss, a position held by "across the counter" for the past two years. Channel Fraud Volume Actual Loss Value (₦) Across the Counter 314 259,022,133.64 ATM 9,823 497,643,653.79 Cheque 11 18,743,500.00 eCommerce 1,036 36,054,759.08 Internet Banking 1,691 143,144,573.57 IVR 1 0 Mobile 5,055 347,645,087.77 POS 982 79,444,442.07 Others 823 117,084,768.22 Web 5,307 132,897,338.71

Across the Counter N259m Mobile N348m ATM N498m

Fraud Volume Per Channel (2017)

N1.63 billion 2017 Fraud Summary

The Nigerian financial space is continually being transformed owing largely to unprecedented innovations that facilitate the eradication of unwanted lags, promote financial inclusion and encourage customer confidence. An example being the Unstructured Supplementary Service Data (USSD) mode of ‘banking’, where a huge part of banking services are made available via the mobile network.

An estimate of 1.6 Billion Naira in actual loss was recorded in 2017. An exploration of the reported fraud and grouping by channel showed that Automated Teller Machine (ATM) recorded the highest reported fraud, both in volume and value, with an estimate of 9,832 in volume and 497.6 Million Naira loss in value. ATM channel remained the first point of call in dissipat-

37 /E-PAYMENT REVIEW/ MARCH 2018

NIBSS Fraud Report Fraud Per Month

Fraud Value Per Channel (in millions) (2017)

ing fraudulent proceeds. In light of this, more needs to be done in respect to control around this channel. The Mobile channel recorded the second highest loss in value. The channel had a 48% increase (â&#x201A;Ś347.6M) from the 235 Million Naira recorded for 2016. This noticeable increase should necessitate a thorough look into various loopholes that might exist within this channel and how they are being exploited. Across the counter channel comes in at third place with over 259 Million Naira recorded as a loss. The loss represented about 49% reduction when compared to the 511 Million Naira loss of 2016 and 65% reduction compared to 732 Million Naira loss of 2015. The consistent reduction in the actual loss value for this channel is noteworthy as such losses always have high impact on the overall loss in the industry. Notwithstanding the value of the loss, fraudsters are still exploring this channel as the attempted amount on this channel was over 1 Billion Naira for 2017 alone. However, the industry was able to salvage over 750 Million Naira representing 75% of the attempt on this channel. This laudable feat is evident in confirming that institutions have tightened control around their internal processes making it difficult to utilize this channel successfully for fraud. The Internet Banking channel had a loss of 143 Million Naira which is about 55% reduction when compared with the 321Million Naira loss in 2016. This signifies another win for the industry. The Web channel lost a total of 132 Million Naira, which was a 59% increase from the 84 Million Naira lost in 2016. Whereas, the POS channel had a loss of 79 Million Naira which was a 67% decrease when compared to the 243 Million Naira lost in 2016. Obviously, fraudsters are exploiting this channel to siphon funds from unsuspected customers.

Fraud By Platform Electronic Channels Channel Volume Actual Loss Value ATM 9,823 497,643,653.79 eCommerce 1,036 36,054,759.08 Internet Banking 1,691 143,144,573.57 IVR 1 0 Mobile 5,055 347,645,087.77 POS 982 79,444,442.07 Others 823 117,084.768.22 Web 5,307 132,897,338.71 Total 24,718 1,353,914,623.21

17 +83A

The 2016 report recorded October to have had the highest fraud volume and June with the highest fraud value. In 2017 however, June kept the highest recorded fraud value, while November was the month with the highest fraud volume. Ironically, December recorded the lowest lost value for the year while July recorded the lowest fraud volume. As the usual trend, holiday months are the prime target for fraudsters deducing from fraud attempts. However, the industry was proactive and counteractive enough not to allow higher losses during this period. It solidifies the claim of fraudsters having workgroups that enable them exploits the most vulnerable institution, channel or location at any given opportunity especially during the holiday or festive periods. Fraud Volume (2017)

Fraud Value (in millions) (2017)

Fraud Per Quarter

It was observed that the industry lost more to fraud in the 2nd and 3rd quarters, while the 1st and 4th quarters had about the same amount of actual loss. However, the fraudsters still came prepared into the last quarter of the year with over 1.5 billion Naira attempted fraud value in three months. Fraud attempts were properly curtailed in the last quarter of the year as the industry was able to salvage over 77% of the attempts.

Various channels stated above were grouped into two sections: Electronic and Non-Electronic platforms. Tables below highlight all payment channels captured on the Industry Anti-fraud portal with their corresponding fraud volume and actual loss value for 2017. We experienced a steady increase in n- c fraud occurring through No roni t c electronic platforms and a ele decrease in its non-electronic counterpart. The Non- electronic platform comprising of Cheque and Across Counter channels represented about 17% of the total actual loss for the year. This nic tro shows a lower percentage c e El when compared with 2016 (23%) and 2015 (43%).

17% I 83%

Non- Electronic Platform Channel Fraud Volume Actual Loss Value (â&#x201A;Ś) Across the Counter 314 259,022,133.64 Cheque 11 18,743,500.00 Total 325 277,765,633.64

Fraud In The Last Three Years

The figure below depicts reported fraud cases across all channels in the last three years. For volume, the year 2015 had the ATM, POS, and Web as the top channels for fraudulent transactions perpetrated. In 2016 and 2017, ATM, Mobile, and Web were the three most used. Apparently, ATM and Web

38 /E-PAYMENT REVIEW/ MARCH 2018

channels have consistently appeared in top three channels used to perpetrate fraud for three years running. Also, it can be deduced that ATM channel has been the focal point for fraudsters in the last four years. The sudden growth of the mobile and web channels in both 2016 and especially 2017 should be closely monitored. In light of this, measures should be put in place that will check and ultimately reduce fraud occurrences within these three channels.

transactions within the year across channels. The Mobile channel has the highest percentage.

Fraud Volume Per Channel in 3 Years

447

Watchlisted Customers

946 Unique Fraudulent Customers

Analysis On Unique Beneficiaries Closed 3%

Fraud Value Per Channel in 3 Years

Dormant 0%

83+1+510 PND 9%

Others 0%

Active 88%

For fraud value, the year 2015 and 2016 had across the counter as the channel with the highest attempts from fraudsters. ATM and Internet banking followed closely. However, in 2017 the ATM channel took the lead, with mobile following behind.

Analysis On Unique Beneficiaries

In the year 2017, a total number of 946 unique individuals were beneficiaries of fraudulent transactions consummated through the ATM, across the counter, e- commerce, Internet Banking and Mobile channels. The unique individual count was derived from the overall fraud reported on the Industry Anti-Fraud portal. Furthermore, the reported unique individuals who were beneficiaries of fraudulent transactions in 2016 had only 217 BVNs sent to NIBSS for watch-listing representing roughly 21% of the total number. However, 2017 had about 47% sent for watchlisting, with a total number of 447. This increase shows commitment from stakeholders in ensuring proper documentation and limiting the fraudsters within the industry. The chart shows the percentage of unique individuals who benefitted from fraudulent Unique BVN Per Channel

Also, tracing the 946 unique individuals to other banks uncovered a total of 2,304 account numbers. This implies that these 946 unique individuals have a total of 2,304 account numbers in the industry. Out of the many accounts linked to these unique individuals, it was also confirmed that 1,994 accounts were active, which represent 86% of the total number of accounts. Established fraudsters with active accounts in other banks are highly capable of perpetrating more frauds. Analyzing the unique individuals based on age variables gave an insight into the different age categories that committed the most frauds within the year. Customers with the age range of (18-25) committed more fraud with 42.1%. Further categorization by gender also revealed the dynamics surrounding vulnerabilities that exist within the industry. Although, more males benefitted from frauds in 2017, the females were not left behind. 73% of these unique individuals are male while the female represents 27%. The status of reported fraudulent accounts depicted by the pie chart shows that a significant chunk of these fraudulent accounts remains active. The fraudsterâ&#x20AC;&#x2122;s ability to access personal accounts that are active buttress the fact that these individuals could still receive fraudulent proceeds. 88% of the reported accounts remain active in the industry. Account Status (other banks)

39 /E-PAYMENT REVIEW/ MARCH 2018

NIBSS Fraud Report being the choice channel used by these fraudsters to dissipate stolen funds.

Grouping By Age

Grouping By Gender Fraud trend by channels in terms of percentage change between 2016 & 2017

73%

Fraud Rate

Despite the surge in fraud volume, the significant fall in actual loss value established the fact that we are gradually winning the fight against our common enemy – the fraudsters. The significant drop in the actual loss values confirmed the consciousness of all stakeholders about the collaborative efforts needed to reduce electronic fraud in the industry..

27%

Fraud Rate (2016)

Year Attempted Fraud Value 2016 4,368,437,371.64 2017 4,034,258,639.07

Fraud Reported By Other Financial Institutions (OFIs) Attempted Fraud Value N104, 799, 485. 88

Actual Loss N101,212,074.17

Actual Loss % Difference 2,196,509,038.78 50.2 1,631,680,256.85 40.4

Actual loss value as a percentage of attempted fraud value in the year 2016 and 2017.

Reported Fraud 646

In the year 2017, a total number of 646 fraud cases were reported by Other Financial Institutions. This represented a 634% increase in reported fraud volume when compared with 2016. The attempted fraud value stood at 104.7 Million Naira which was about 107% increase when compared to the 50.5 Million Naira reported in 2016. The actual loss value reported for 2017 was 101.2 Million Naira representing a 481% increase if compared to the 17.4 Million Naira lost in 2016. The OFI was able salvaged only 3.4% of the fraud attempt.

Fraud value and volume as a percentage of Transaction value and volume respectively in 2016 and 2017. Fraud Rate in Percentage [2016 Vs 2017]

Fraud Trends

The year 2017 experienced a 25.71% decrease in actual loss value when compared with figures from the year 2016. Also, actual loss value was 40.4% less than the attempted fraud value. While we’ve witnessed a substantial increase in fraud volume over the past three years, we also experienced a constant fall in attempted and actual loss fraud values. This shows that despite the challenges, the industry is putting up a “good fight” and institutions are becoming more conscious that the fight is not to be one-sided. Year Fraud Attempted Actual Loss % diff between Value Fraud Value actual loss value & attempted value fraud 2016 19,531 4,368,437,371.64 2,196,509,038.78 50.2 2017 25,043 4,034,258,639.07 1,631,680,256.85 40.4 % diff 28.22 7.64 25.71 Total fraud volume, values and its percentage difference For the past three years, POS fraud volume has been on the decline with the percentage decrease of 40.77% witnessed in 2017. This shows the paradigm shift in a susceptible or interesting channel to fraudsters. Nevertheless, this channel shouldn’t be overlooked. Funds lost to fraud via eCommerce, Internet banking and POS also dropped significantly while the actual loss values for Mobile and Web experienced a surge. Trends in 2017 showed “Internet banking” as a channel of growing interest for fraudsters. This is a call for institutions to be more proactive and step up security around their internet banking platforms. ATM as expected, saw a high fraud volume

Fraud Desk Survey 2017

1. Area of Operations Fraud desk (76%); Internal and System Control (6.7%); Audit (8.9%) Operations (6.7%) and Risk Management (2.2%). 2. What major challenge do you face in fighting against fraud in your Institution? Inadequate customer awareness (40%); Ineffective Industry Regulation (17.8%); Collusion between employees andexternal parties (2.2%); Opportunities for fraudsters (2.2 ); Lack of Information sharing andcooperation among Banks (28.9%); Inadequate fraud detection tools and technologies (8.9%). 3. Has the Bank Verification Number (BVN) assisted your Institution in fraud investigations and recovery of funds?

40 /E-PAYMENT REVIEW/ MARCH 2018

98+2

exploit. All channels should be well safeguarded. In 2017, HEIMDALL was able to detect over 300 million Naira in value of fraud events across all channels. The NIBSS fraud team in collaboration with various fraud desks were able to timely prevent several fraudulent transactions, thereby assisting in salvaging several fraudulent proceeds within the year.

Forecast for 2018

YES 97.8%

4. How is fraud mostly discovered in your Institution? Through automated fraud monitoringtools (48.9%); During account /audit reconciliation (6.7%); By customer complaint (42.2%); Through third party notiﬁcation (2.2%).

Industry Security Survey 2017 1. Have you suffered a security breach in your organization in the last 12 months? (January December 2017)

2. How was the breach identified?

33+33+34 33+33+17 16.7%

MAYBE 33.3%

YES 33.3%

By direct reporting

16.7% Others

NO 33.3%

3.Which was the worst security incident faced by your organization in the year 2017?

33.3%

We have no breach

33.3%

By routine internal security monitoring

4. What type of staff related incidents did your organization experience in the year 2017?

1. Fraud as a service With access to the web, information can spread amongst cybercriminals very fast. The dark web offers fraud services such as bots, phishing services, and Remote Access Tools. Malware trojans such as ransomware can be franchised or leased, just as DDoS attacks services can be purchased on the dark web. The Fraud-as-a-Service model is expected to empower newcomers who lack required skillsets to the world of cybercrime. Hence, financial institutions need to put in measures that can mitigate possible surge in the number of attacks. 2. Fraudsters: As with previous years, we expect to see the threat landscape continuing to be ever-changing and complicated. The fraudsters mastering old schemes, exploring new techniques while exploiting loopholes via the various channels available. Some of the 2017 attacks will escalate, while new and dynamic fraud attacks will also emerge. Any new product and services designed without proper security measure will be an easy target for Fraudsters. 3. Emergence of more complex phishing attacks Financial services will need to stay alert on tried and tested attack techniques. Despite the emergence of more sophisticated threats, social engineering and phishing continue to be the simplest and most profitable attacks – exploiting the human element as the weakest link. There is need to improve customers and employees awareness on various phishing scams.

Potential Mitigation

1. Stakeholders Collaborations: We hope to see heightened collaborations amongst the various stakeholders to effectively combat fraud. The growing threat called fraud can only be subdued with a collaborative approach. We look forward to strengthened partnerships with both law enforcement, telecommunication, and other key stakeholders. 2. Engagement with the Mobile Network Operators (MNOs): It is no longer news that the fraudsters continue to leverage on recycled SIMs process and the SIM swap modus operandi to perpetrate their acts thereby increasing fraud within the mobile / USSD platform. In 2018, we expect that the financial industry will have access to the SIM Swap database from the telco to combat SIM swap fraud efficiently. Also, we expect that the MNOs will streamline the SIM recycle process with in view of curbing the activities of fraudsters leveraging on it.

Fraud Outlook 2018

In 2017, ATM emerged as the channel with the highest fraud interest index. The reason could be linked to the fact that fraudulent funds are easily dissipated via this channel. Mobile picked up after ATM taking a 9.66% hike from its last year’s FII percentage value of 10.71. The distinctive drop in the FII for across the counter channel from 23.39% to 9.64% may indiFraud Interest Index (FII) cate the effective control Channel FII measures put in place by Across the Counter 9.64% various institutions. ATM ATM 42.65% and Mobile emerged as Cheque 1.16% probable choice targets eCommerce 0.31% with higher ROI for 2017. Internet Banking 4.28% However, the trend over Mobile 20.37% time has shown that POS 4.46% fraudsters are dynamic in Others 13.94% their operations looking Web 3.19% out for loopholes in any available channel they can

3. Compliance to the Regulatory Framework on BVN Watchlist: The new regulatory framework on BVN operations and watchlisting is expected to reduce the activities of fraudsters. Placing a fraudulent customer on the Watchlist and denying such customer access to any electronic channel in the industry will go a long way in restraining the fraudsters. 4. Customer's Awareness: In a security chain, customers are often the weakest link. Customers must regularly be enlightened on the various tricks employed by these fraudsters to perpetrate their act. We need to identify the best approach to reach every customer and ensure they are well informed about emerging fraudulent schemes. 5. Fraud Reporting: On a yearly basis, we have seen an increase in fraud volume. However, there is still need to sensitize the industry on the need to promptly and accurately report all fraud cases. We also expect Other Financial Institutions (OFIs) to ensure that all fraud cases are reported. We can only have a true picture of fraud events in the Industry when all stakeholders are faithful in reporting all fraud cases in their institutions.

41 /E-PAYMENT REVIEW/ MARCH 2018

Courtesy of Nigeria Inter-Bank Settlement System Plc (NIBSS)

Trends & Tactics QR CODEI

Egypt to use one standard for payments

Adidas builds-in transit tickets into sneakers

Hundreds of Germans braved sub-zero temperatures in January to camp out overnight in Berlin, in hopes of buying a pair of sneakers with in-built chip that offers free subway tickets. Public transport company Berliner Verkehrsbetriebe (BVG) produced 500 pairs of the limited edition EQT Support 93/17 “Berlin” shoes in partnership with German sportswear giant Adidas for the train network's 90th anniversary. The pattern of BVG train seat covers was featured on the TPU support element of the sneakers while an annual season ticket for the BVG public transport network was incorporated into its tongue, making the shoes valid as a ticket for all BVG trams, buses and ferries - when they are worn at the time of travel. The shoes were priced at only €180 but an annual BVG ticket costs upwards of €761.

EGYPT'S CENTRAL BANK has issued criteria for payments through QR code getting behind a unified standard that applies to all banks licensed to accept digital payments in the country. The idea comes within the framework of Egypt's strategy to regulate financial transactions electronically without the need for traditional POS devices.

BETA TESTERS

WhatsApp payments is almost here WHATSAPP HAS BEGUN testing a new payments feature in India that will allow people to send money to other WhatsApp users, excluding merchant accounts. TechCrunch reported that those who have gained access to the new functionality see a payments feature appear in their WhatsApp Settings menu. Users must then configure the feature by first verifying their phone number via SMS and choosing a bank. The option to send a payment is then available from the main WhatsApp interface, in the same area where you can also share a photo, video, file, contact or location into your chat session.

175

WELOVEADIDAS.COM

million

Number of Europeans expected to start using “tap and go” contactless payments with a smartwatch, bracelet, keyring or other forms of wearable payments, according to new figures from Mastercard.

RETAIL TOUCHPOINTS

Survey finds sales uplift in stores with mPOS A RECENT STUDY BY MOBILE SERVICES PROVIDER Stratix and IHL Group found retailers that deployed mobile point-of-sale (POS) technology experienced a 24% average increase in sales during 2017 compared with those that didn’t offer mobile checkout in-store. This increase in sales could also be attributed to the human holding the device. The study reported that some of the keys to success were maintaining eye contact and transacting side by side so the customer could see the screen. Deploying mobile POS technology is easier said than done, though. Three-quarters of retailers surveyed said a leading challenge was not having the right apps in place to make the devices useful. Such apps give store associates the ability to access a retailer’s complete inventory, or provide customer-related data such as order history. The survey confirms the deployment of mobile POS has certainly hit some roadblocks. “Based on the survey’s findings, it is clear that mobile POS is an integral part of the planned enhancement of the customer experience at the store level in 2018 and 2019," said Greg Buzek, IHL Group Principal Analyst. "Despite the 43 /E-PAYMENT REVIEW/ MARCH 2018

strong potential financial improvements that have been experienced by retailers enjoying the technology, there have been many reasons why other retailers have delayed the deployment of mobile devices due to the many challenges being able to do deployments effectively and achieving ROI targets.” While using in-store mobile resulted in monumental opportunities for some retailers, the survey’s data also revealed many other retailers face significant challenges implementing this technology. Many retailers said they lacked adequately trained staff to implement mobile POS strategies including a scarcity of internal help desk support. Roughly one-third (34%) of respondents had deployed mobile POS, while 31% planned to do so over the next 12 months. An additional 8% planned to roll out the technology sometime in the next 12 to 24 months. Despite these concerns, the report confirmed that the opportunities provided by mobile are significant, and with retailers embracing a third-party service to manage, support, and deploy these devices, the investment will be greatly beneficial.

Trends & Tactics

DIGITAL PAYMENT IN INDIA

$1 trillion

PayPal targets small firms with mPOS

Campari refrigerator magnet for ordering

CARD READER PayPal is shipping two new mPOS devices, one which accepts card swipe transactions and another for chip and tap payments. Pitched at mobile small businesses, the readers are designed to help users accept payments nearly anywhere, quickly and securely. Smaller than a deck of cards for easy portability, they connect to mobile devices via Bluetooth, and include a rechargeable li-ion battery. The PayPal Here SDK has also been updated to support the new devices and to make it easier to build EMV-compliant credit card processing into other mobile POS platforms..

MAGNETIC PAYMENT Campari America is using Thinfilm’s NFC mobile marketing solution to enable consumers to purchase its spirits brands by tapping their smartphone to a ‘connected’ refrigerator magnet. Once tapped, the magnets – which feature Thinfilm’s NFC SpeedTap tags and fully integrate with its CNECT cloud-based platform – take consumers to a product page on Drizly, the popular beer, wine, and spirits consumer-delivery platform. Consumers are then able to add the item to their cart and immediately check out, giving them all in one cohesive mobile experience.

Projected rise of India's digital payment space over the next five years with global technology giants acting as aggregators for retail transactions, according to Credit Suisse.

1.19 billion

Number of card enrollments in Aadhaar, India's 12-digit unique identity number, with 500 million bank accounts already been linked to Aadhaar cards.

55.4%

Indian respondents who indicated that they have a mobile wallet and use it, making India one of the top markets globally in terms of mobile wallet adoption.

Acer to launch smart prayer beads BUDDHISTS GO HIGH-TECH Taiwanese techfirm Acer has created smart Buddhist prayer beads that automatically count the number of times a mantra is recited and transfer merits to a social media platform. They have a function to transfer merits to friends and family members, and also come with functions for payments, facilitating donations and offering discounts at certain shops and restaurants in the Buddhist community. The smart product looks just like traditional Buddhist prayer beads except that one of the beads has an embedded chip which can connect with the user’s smartphone

UK OPEN BANKING The introduction of Open Banking in the UK may contribute over £1 billion annually to the UK economy and support the creation of up to 17,000 new jobs, according to analysis by economics consultancy CEBR, the Centre for Economics and Business Research.

BLOCKCHAIN KYC

TAP AND DONATE

PAYPAL / BUSINESSWIRE / CATHKATHCATT/ ENGADGET CHINA

Paris church now takes contactless cards THE PASSING AROUND OF COLLECTION baskets at Catholic mass usually leads to a collective digging through pockets and purses for loose change or small bills – but a Paris church is testing a high-tech alternative. Starting January, worshippers at SaintFrançois de Molitor church in the city’s 16th Arrondissement found they could use their debit or credit cards to donate using baskets equipped with contactless payment terminals. While churchgoers will still be able to toss money into traditional baskets rattling with coins, donors will no longer need to carry cash. The hi-tech baskets, which have a traditional appearance, give people the option to donate €2, €3, €5 or €10. Collections remain a key source of financing

for Catholic churches in France, accounting for 23% of the more than €600 million donated in 2016, but the diocese insists that the development is not about making money. "The experiment is not to increase the amount of donations but to anticipate the future, when people don't carry money anymore, even for their baguette," said Father Didier Duverne, the parish priest. This is not the French Catholic church's first attempt to keep up with new technologies. Since October 2016, 28 French dioceses and more than 2,000 parishes have accepted weekly offerings via an app called La Quete, or The Collection. About 4,000 donations have been made over 14 months in the parishes that have been testing the app. 44 /E-PAYMENT REVIEW/ MARCH 2018

Abu Dhabi is kicking off a programme with a consortium of the region's banks to develop a shared KYC utility, possibly underpinned by distributed ledger technology. An industry coalition has formed to develop a proof-of-concept to decide the governance framework and the functional requirements of the e-KYC utility.

TOLL MODULE

Audi will be offering builtin toll transponders on new vehicles, so owners won't need to buy special devices that are mounted on windshields or front bumpers to automatically pay tolls. The device, called the Integrated Toll Module (ITM), will be standard equipment on some Audi cars starting later this year.

Sweden still wants cash to be king SWEDEN’S TRANSFORmation into a cash-less society is going too fast and new regulation is needed to make sure cash remains accepted and the central bank retains control over payment systems, Riksbank Governor Stefan Ingves wrote in an opinion piece. Sweden is one of the most cash-less societies in the world, and many shops, restaurants and even bank branches refuse to accept cash payments. In over 10 years Sweden has halved its cash in circulation to 50 billion Swedish crowns ($6.14 b) from 112 billion. “There are those who mean that we have nothing to fear in a world where public funds have been completely replaced by private options. I think they are wrong,” Ingves said, adding in times of crisis the public always wants risk-free assets, like cash, that are guaranteed by the state. “That commercial players in all scenarios would shoulder the responsibility to meet public demand for safe payments is unlikely.”

PAYMENT TRACKER

N360 billion in mobile money transactions per day

CRYPTOCOIN AT POS What if bitcoin were actually a coin? FitPay has made it one. Flip, a new contactless payment device that the startup just made available for preorder, is a literal plastic coin resembling a casino chip that pairs with a cryptowallet on a customer’s phone, enabling them to tap the coin to pay. Flip works by converting bitcoin stored in a crypto wallet on a mobile phone into usable everyday currency. Gino Pereira, CEO of FitPay’s sister startup NXT-ID said that the Flip coin could help socialize the idea of using bitcoin in the real world.

SENSIBLE EVOLUTION

Fintech revolution fizzles as startups seek engagement with banks FINTECH FIRMS ARE TONING DOWN THE FIGHTing talk that marked the beginning of the movement as the realisation dawns that they will be hard-pushed to succeed without the support of incumbent banks. That's the conclusion of Capgemini's World Fintech report which charts the 'fizzling out' of the much-hyped fintech revolution. With complementary strengths, fintech startups are increasingly looking to symbiotic collaboration with the traditional financial firms they once sought to overthrow, according to the Capgemini study. The challenge is to scale-up and create financially-viable business models. Although fintech firms have raised nearly $110 billion since 2009, the report found that most are likely to fail if they do not build an effective partnership ecosystem. At the same time, traditional financial institutions are adopting many agile fintech customer service enhancements, while retaining strengths including risk management, infrastructure, regulatory expertise, customer

trust, access to capital, and more. “With more than 75% of fintech firms identifying their primary business objective as collaborating with traditional firms, it is essential that both fintechs and traditional firms transform their business models by collaborating to drive innovation while retaining customer trust,” said Anirban Bose, head of Capgemini’s financial services global strategic business unit. “Without an agile and committed collaboration partner, both traditional and fintech firms risk failure.” Echoing the views of a similar report released by Accenture, Capgemini found that more than 70% of fintech executives polled said their top challenges to engaging with traditional financial services firms was the latter's lack of agility, while incumbents in turn perceive negative impacts on customer trust, brand, and changing the internal culture as their top challenges. Both Accenture and Capgemini recommend the establishment of a formal process for banks to chart their relationships with startups.

THE MOBILE MONEY INDUStry processed transactions worth a billion dollars (N360 billion) a day in 2017, helping to drive financial inclusion around the world, according to the latest GSMA report. In its seventh annual state of the industry report on mobile money, GSMA, which represents the interests of mobile operators worldwide said that there are now 690 million registered accounts in over 90 countries, generating direct revenues of over $2.4 billion (N840 billion) in 2017. The report noted several new trends, including the accelerated growth of bank-to-wallet interoperability, the growing adoption of smartphones, the proliferation of fintech companies, the digitisation of new sectors of the economy, and renewed efforts by companies and governments to reach the most vulnerable and underserved. Sub-Saharan Africa long the epicentre of of the service showed no sign of slowing, but as the industry has matured, mobile money has also gained traction in other parts of the world. With 47% year-on-year growth, South Asia was the fastest-growing region in terms of registered accounts. Globally, the year saw 136 million new accounts, marking a 25 percent rise from 2016. Mobile money is now available in 90 countries users taking advantage of their services on a regular basis. In a report summary, GSMA Director General Mats Granryd emphasized the role of mobile money in the United Nations’ Sustainable Development Goals, with mobile money technology helping to formalize payments, improve transparency, and increase GDP in developing markets.

In brief -- Numbers

DRINK COMMAND / SQUARE ,/

SPRING FESTIVAL About 768 million people used social media platform WeChat to send hongbao or red packet during the Chinese lunar New Year traditionally a time for family gatherings and blessings when people give red envelopes filled with cash. DIGITAL MONKS Hoping to solve the headache caused by thefts of money from donation boxes and ensure transparency in the handling of donations through the use of e-banking, a Thai temple has set up a QR code payment transaction point where merit-seekers can make dona-

tions via PromptPay, the government's promoted e-payment system. JUICY APPLE The number of banks globally that support Apple Pay increased in 2017 by 41% to 2,707. With 127 million global active users, Apple Pay adoption and usage in international markets has been much more robust than in the U.S. MOBILE POWER Consumers across the globe are warming up to proximity mobile payments. In 2018, for the first time, more than one-third 45 /E-PAYMENT REVIEW/ MARCH 2018

(34.9%) of smartphone users ages 14 and older will use a mobile phone to pay for a purchase at a physical point of sale (POS) at least once every six months. NA ZDOROVIE Sales of smartphones that support contactless payments are booming in Russia with demand for them driven by the emergence of payment systems from Apple, Samsung and Google. In 2017, 28 million such devices were sold, a 60 per cent increase from sales in 2016. 18 million of those phones are already linked to mobile payment systems.

The Gimlet Eye

It's the numbers, stupid

Balancing Act has tracked start-up user numbers since 2013 and it's noticeable how few African start-ups break out into the level of user numbers required to build a business

KINAXIS

By Russell Southwood BILL CLINTON'S CAMPAIGN MANAGER JAMES Carville had three talking points for his election campaign against George Bush Snr. Only one is remembered: The economy, stupid, by which he meant that the main thing anyone should be worrying about is the economy. To rehash that message in a different form, 'it's the numbers, stupid': African start-ups - whether B2C or B2B - need to get user numbers to drive their success. In most countries for B2C markets this means getting hundreds of thousands of users. It's slightly more complicated for B2B start-ups because it depends how many potential customers there are. Balancing Act has tracked the number of people start-ups say are using their services over a fiveyear period. They often exaggerate these numbers but they are also revealing. It's noticeable that some start-ups never change the number of people they claim to be reaching over several years. Others say user numbers are "confidential" which is a sure sign that if revealed, there would not be much to brag about. On other occasions, a relatively small number of African start-ups will claim an unfeasibly large number that is subsequently forgotten. There's another layer in that the user numbers are sometimes not all they appear to be. The number of times an app is downloaded is no guide to how many people continue to use it: numbers of active users are always smaller than total downloads. So for example, in early 2015 Tanzanian music streaming start-up Mkito had 1.2 million downloads but 280,911 users. With some exceptions, local African start-ups rarely break the 50,000 users mark and most are in the 5-10,000 range. The exceptions are interesting. South African start-ups tend to do better because there is a larger (mainly but not exclusively white) middle class. So video-streaming platform PockittTV has hundreds of thousands of users across a couple of mobile operators. Edtech startup Siyavula had 6.3 million online users in May 2017. And there are more examples of South African start-ups where there is a volume of active users that indicate that the business is on its way to profitability. The toughest market in terms of user numbers is Nigeria. Talking to Konga's [former] CEO Shola Adekoya in July 2017, it became clear you don't want all the potential e-commerce buyers. There were a total of 750,000 users, of which 150,000 needed to be excluded for 'unacceptable behaviour' and there were then 250,000 active users. In October 2017, Kenya's Taxi told us that it had 250,000 users who were making 10,000 rides a day. Uber always says that it likes having competitors because it helps build the market. Starting to use digital services is a behavior change and it takes time. The more competitors are spending money on persuading people, perhaps the faster it happens. The big players tend to be internationally backed start-ups like Jumia, Uber Airbnb, Zomato and services that have been seriously promoted (and sometimes backed) by mobile operators. The small African start-up's lack of a marketing budget really

does create a huge market gap that even creative uses of social media make it hard to overcome: it is not a level playing field in the new digital services sector. It's tough out there, whether the business model is user pays or advertiser pays. Speaking in a panel discussion at Tech Summit Africa, TLcom TIDE Africa's Ido Sum, got to the heart of the matter:"There's a realisation that some of these things are a bit more complex than we used to think and acquiring customers is more expensive than was imagined. Hence I think we will be seeing this year a bit more happening on the b2b (business-to-business) side were monetisation is a bit easier and focused on teams than in the b2c (business-to-consumer) side, hence they have a better understanding on how they go to the markets and better utilise the right channels in that aspect."

With some exceptions, local African start-ups rarely break the 50,000 users mark and most are in the 5-10,000 range. The exceptions are interesting.

At the same event, GSMA ecosystem accelerator senior market engagement manager Martin Karanja said: "The level of exposure that most apps have in Africa is probably lower when it comes to finding opportunities compared to European ones." At one level, B2B start-ups seem easier because it's possible to get your around needing to sell to 1,000 out of 3,000 customers. It seems "do-able" and within the reach of early-start-up funding. But many B2B start-ups are in complicated "verticals" where the service being offered requires an ecosystem to change, not just one manager to make the buying decision. The biggest problem is that the sector is relatively new and a great deal of time and attention is spent on trying to grow the local investment sector and on the funding. It's almost as if money raised is more important than whether the business is doing well or not. But there should be a connection between funding and user numbers. The latter should be the proof that it's worth investing in something. Marek Zymslowski, HotelOga told me in May 2017:"A start-up is trying to sort out its business model but it should grow very fast. In order to do that you have to have funding. Its what everything starts with. International companies have access to funding. (But the) unit economics (of spending it) may not be as good as the local companies but they have access to funding which at the early stage is the most important thing." He also made the point that working for Jumia had given him the experience of being able to scale up in 17 countries over a 2 year period. Few African start-ups are currently offering that kind of education. On a more optimistic note, IFC Venture Capital's Wale Ayeni told a panel at the Tech Summit Africa in Kigali:"What is actually true across the board is we are seeing different qualities of founders. Founders that understand the big picture and are trying to build big startup businesses that really scale and have a global impact. That mentality, we are seeing a lot more of that." Russell Southwood is the CEO of Balancing Act, a consultancy specialising in telecoms, Internet and broadcasting in. Africa.. This article was originally posted on Smart Monkey TV.

46 /E-PAYMENT REVIEW/ MARCH 2018

47 /E-PAYMENT REVIEW/ MARCH 2018

48 /E-PAYMENT REVIEW/ MARCH 2018