Mobile Financial Services Fraud ADIL ILYAS. Introduction Any electronic Device that can either STORE, PROCESS or COMMUNICATE can be used to either commission.

Slides:

Advertisements

Similar presentations

Mobile Banking: The Kenyan experience Impressions and everyday practice with commercial banking services, even to remote rural communities in Kenya.

Advertisements

Sophos Mobile Control SophSkills Session Name: Thomas Lippert – Product Management DPG Date: 17-Feb-2011.

Driving customer engagement through mobile. The growth of mobile Most smartphone users now check their phones 150 times a day Source: KPCB Internet Trends.

The Future is Global One World One World One Service One Service One Button.

ICT at Work Banking and Finance.

Technology & Crime Cyber – Mini Conference ADIL ILYAS CYBER CRIME CONSULTANT – CID HQ.

© MobiPrimo Technologies1 Opportunities : Mobile Ecosystem Huge Potential for Indian Market Samir Karande MobiPrimo.

BY DR. J.O. ATOYEBI NIGERIAN COMMUNICATIONS COMMISSION.

Security, Privacy, and Ethics Online Computer Crimes.

Chan pak lim chau ho chit cheung tak ching yip pak ho g2

Andrew Schroeder Networking Aspects of Cloud Computing.

INVESTMENT OPPORTUNITIES IN TOURISM AND ICT 24 th - 26 th August 2014 COUNTY GOVERNMENT OF KWALE.

Wonga example Register Question- What risks do you think businesses face due to IT developments?

Himanshu Pant Co Founder and Director Mactabilis Arts.

Electronic Banking BY Bahaa Abas Noor abo han. Definition * e-banking is defined as: …the automated delivery of new and traditional banking products and.

Rapid Mobile Development Enterprises are having a tough time keeping up with the demand for mobile apps. With these growing demands, businesses are expecting.

Online and Mobile Banking. Online banking Online Banking  Online banking is a fairly established practice in our internet-saturated world.  Many people.

UniCredit Group at glance

Presentation By Deepak Katta

INDO-AFRICAN KNOWLEDGE EXCHANGE WORKSHOP March 29-30, 2012.

AFRALTI1 The Impact of the Mobile Money Revolution in Africa The Impact of the Mobile Money Revolution in Africa.

Introduction to Mobile Computing CSE 390 Fall 2010.

The East African Mobile Market

Women’s Learning Partnership Mobile Phone Technologies: To Infinity and Beyond? Usha Venkatachallam Nov 12, 2008.

THREATS TO MOBILE NETWORK SECURITY

1 NETE4631 Mobile Cloud Computing Lecture Notes #10.

GIS and Cloud Computing. Flickr  Upload and manage your photos online  Share your photos with your family and friends  Post your photos everywhere.

3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge America,

Basic Computer Components. What’s inside your computer?

IT security By Tilly Gerlack.

TEMPLATE DESIGN © Android Data Confidentiality Alex Mayer University of Houston Abstract Employees are increasingly relying.

Payment Gateways for e-Government services 24 May 2007

MeDi Access Technology & Innovation Colombia. OUR IDEA : MeDi Access The Problem: the difficulty that people have in order to be able to access properly.

Information Warfare Playgrounds to Battlegrounds.

©Dr. Respickius Casmir IT Security & Cybercrime IT & Communication Summit 2010 March 8, 2010 By Respickius Casmir, PhD. University of Dar es Salaam Computing.

Contents Introduction Problem Definition Proposed Solution

The Android Operating System I- Introduction II- History III- Features IV- Competitors V- References.

What is Android……? Android is an Operating System (OS) created by Google to run on any small electronic devices such as cell phones, e- books, Media Internet.

Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.

Interoperability as a Driver for Financial Inclusion.

Protecting Yourself from Fraud including Identity Theft Advanced Level.

Internet Safety Internet Safety LPM

What’s a mobile app? A mobile app is a software program you can download and access directly using your phone or another mobile device, like a tablet.

Basics of testing mobile apps

Cybercrime What is it, what does it cost, & how is it regulated?

Information Warfare Playgrounds to Battlegrounds.

MANAGING RISK. CYBER CRIME The use of the internet and developments in IT bring with it a risk of cyber crime. Credit card details are stolen, hackers.

Shaun McGorry Executive Briefing July 30, 2009 Identity Theft.

Protecting Yourself from Fraud including Identity Theft Personal Finance.

Candidates should be able to:  describe the purpose and use of common utility programs for:  computer security (antivirus, spyware protection and firewalls)

Cybersecurity Test Review Introduction to Digital Technology.

Protecting Yourself from Fraud including Identity Theft Advanced Level.

By : Syed Shabi Ul Hassan. What is Cyber Crime?  Crimes that have been made possible by computers.  Such as Identity Theft, Bullying, Hacking, Internet.

Mobile Money 1/37 Fiserv Mobile Money Staff Education © 2010 Beavercreek Marketing, a division of Beavercreek Inc. All rights reserved. All trademarks.

CASE STUDY: ELECTRONIC BANKING By: Sarah Baig, Laura Logan, Agyakwa Tenkorang.

What Are the Different Platforms for Enterprise Mobility Solutions?

RECENT ADVANCEMENT AND APPLICATION IN TOUCHSCREEN TECHNOLOGY.

Android forensics: Automated data collection and reporting from a mobile device Justin Grover Digital Investigation Volume 10, Supplement, August 2013,

Mobile Banking: The Kenyan experience

TIGO PESA CORPORATE SOLUTION

Presenter: Hanlie Spangenberg Date: March 2013

Mr. Roeshink – Financial Operations

ETS Inside Product Launch

Protecting Yourself from Fraud including Identity Theft

Protecting Yourself from Fraud including Identity Theft

How it affects policies and procedures

Security in mobile technologies

Protecting Yourself from Fraud including Identity Theft

Presentation transcript:

Mobile Financial Services Fraud ADIL ILYAS

Introduction Any electronic Device that can either STORE, PROCESS or COMMUNICATE can be used to either commission an offense or be used as a target of an Offense. Examples Regular Phones, Smart Phones Computers Storage Devices ( Flash Disk, CDs etc)

Who can commit an offense ? Over 20 million people in Tanzania are connected to Mobile Phone Networks Over 8 million people in Tanzania are connected to the internet, with or without knowledge of their connection state. More than 7% of the population owns a PC Anyone of these can commit an offense Mostly likely they will use the same available technology to facilitate that offense. Practically they have the weapon for offense. We are left out in the dark. Defenseless.

In order to commit the offense MOTIVATION & OPPORTUNITY

MOTIVATORS t FINANCIAL PERSONAL MOTIVATIONS ADVENTURE / POWER HI-TECH

Opportunities 7 YEARS AGO Ally Dar Es Salaam Joanitha Arusha

Opportunities 4 YEARS AGO Ally Dar Es Salaam Joanitha Arusha MPESA

Opportunities 1 YEAR AGO Ally Dar Es Salaam Joanitha Arusha MPESATIGO PESA

Opportunities NOW Ally Dar Es Salaam Joanitha Arusha CRDB BANK NMB BANK MPESA TIGO PESA MPESA OR MOBILE BANKING CARDLESS WITHDRAWO

MFS One of the most rapidly growing services that facilitates money transfer, deposits to the un- banked community. An additional banking channel via mobile phones for the existing banked community in the market. The most common technology to facilitate the service is a Mobile Phone, via USSD.

Regulators BOT Regulates the financial aspects of Mobile Financial Services for both Bank-Led or Non-Bank-Led Service Providers. ( A service provider must be Licensed by TCRA to prequalify to offer MFS Services. ) TCRA Regulates the technological aspect of Mobile Financial Services for both Bank-Led and Non Bank Service Providers.

Service Providers Bank Led CRDB BANK – SIM BANKING NMB BANK – NMB MOBILE Non Bank Led Airtel - Airtel Money Zantel - EazyPesa Vodacom - Mpesa Tigo - TigoPesa

Situational Analysis High Inter-Dependencies between Service Providers for facilitating the services. o Technological o Processes between SPs not very clear. SIM Swapping is a major concern * Until recently efforts taken by TCRA, there were no proper standards. Challenges of Data Handling, in an event of swap. No Automated Technological Methods to Isolate/Block Certain Services. No Strong SLAs between Service Providers as Yet.

How does Fraud Occur Insiders – Misuse of MIS / Assisting on Fraudulent Swaps Poor Swap Process. Social Engineering o Friends & Family o Strangers using IDENTITY THEFT Methods Creating of Fictious Retailers / Wakalas Creating of Fictious Employees to allow Transfers/Approvals Fraud Occurs on both Service Provider Levels and End User Level ( Both get victimized )

Applause to TCRA :- Taking an initiative to call upon all stakeholders to a common place to reach a census on how to reduce MFS Fraud. BOT:- Setting up the new regulations for the MFS Industry. BOT & TCRA: Working together in harmony to reach a common goal. AIRTEL & CRDB: Sharing Data to reduce Fraud during Fraud. MNOs: A Good Response from MNOs to update their swap processes.

Quick Wins FOR BANKS: Use TWO UNIQUE IDENTIFIERS on your systems ( MSSIDN & IMSI ) FOR BANKS & MNOs: Improve SLAs between yourselves to ensure proper service delivery to your consumers. FOR MFS SERVICES PROVIDERS: Educate your consumers, Educate your staff, improve internal processes. Launch Secure Products.

The foreseeable future SMARTPHONE SPYING: It is currently possible to install spyware on smartphones such as IOS – iphones, blackberry, Android Phones, Symbian OS Phones ( Nokia ). These spy apps can collect data such as : - Call Logs, SMS, USSD Strings, Location, Pictures, Passwords etc. USSD HACKS: USSD Security is now solely dependent of GSM Security standards which is A5/1 or A5/2 which is currently comprisable but not to the normal Joe Hacker.

Case Studies Mobile Financial Services – Service Provider Fraud Mobile Financial Services – End User, Bank Led Mobile Financial Services – End User, Non Bank Led