Why Online Fraud is rife mostly among Mobile Operators & Financial Institutions

Alex Mutuku, an Information Systems graduate appears in court for the hearing
Alex Mutuku, an Information Systems graduate appears in court for the hearing
Alex Mutuku, an Information Systems graduate appears in court for the hearing

When news of the arrest and court arraignment of Alex Mutungi Mutuku for the charges of manipulating  the Safaricom Computer Systems and an earlier charge of hacking in the NIC bank’s, an interesting discussion came up on social media with many fearing that Safaricom was going after all those who bought ‘Bundles Mwitu’ , illegally obtained Safaricom data bundles.

The discussions went as far as to also question the logic of throwing Alex behind bars yet he had shown some dare devil confidence in intruding these networks despite the geek community terming him a ‘Script Kiddie’ or beginner in this world of black hats.

I had a chat with one of the few Digital Security experts in this country on the growing concern in  digital security incidents & fraud in the Kenya.

This chat came at time when the Digital Marketing East Africa event was happening at the KICC. One particular session on the state of Digital Security in Kenya fascinated me. Did you know that there are only 20 qualified and Digital Security Professionals despite there being an increase in the rate and the extent of the, reported and unreported  cases of online fraud mostly involving Financial institutions and now Telcos.

​Airtime fraud has been at the core of most Mobile Networks. From the early days when ​scratch cards were bearing predictable serial sequences. The most common type of airtime fraud is through Electronic Voucher Distribution commonly known as EVD. This is usually outsourced to a third party that generates the airtime voucher number that is then either sold by the MNO or through other distributors. At times, malicious staff members privy to this data can get it before hand and either sell it at a discounted rate or give it away for free. However, there are methods to safe guard against this using either maker-checker processes to the system where at any given time, no one person can have full access to the system. This tries to mitigate against collusion. Tracing fraudulently acquired airtime is easy to trace especially if it’s already serialized and has been input in the respective Mobile Network Operators (MNO’s ) systems. If the airtime hasn’t been stocked or what is known as “barcoded” then its as good as gone.

What would you comment on the growing number of mobile subscribers and the shift on habits from calls to more text and use of mobile data​

​This shift has been necessitated by the affordability of mobile internet. Nowadays SMSs aren’t quite as popular like their Whatsapp, Viber etc counterparts. I reckon the need for instant responses and acknowledgment that the recipient has read your message is key to this shift as well. Seeing that voice is almost a done deal among networks, not many people consider the cost of making local calls anymore. Instead the cost of data bundles is appearing to be the determinant factor. Also, the affordability of smart phones to the younger generation has pushed the networks to innovate around how to price data and by serving ‘free’ internet access to certain sites eg Twitter, Facebook etc to drive usage is one of the key drivers into reaping from the investments made a couple of years back when broadband internet became accessible.

Airtel’s response to market need by introducing Unliminet is being hailed as a genius marketing move, what are your thoughts on this?

​Th​is was a brilliant albeit late response to the growing demand for affordable internet by the subscribers. It was however a welcome relief because Safaricom had appeared to dominate this space as well. Given the nuances around selling data bundles, most people have felt ripped off by Safaricom . Nonetheless, given Airtel’s infrastructure far as data is concerned, they are yet to invest generously to improve their capacity and Quality of Service (QoS).

We witness a quick reaction to this new campaign by the leader operator Safaricom’s. Was this reaction due to the growing pressure from consumers to reduce internet costs?

​Given the fact that Safaricom calls the shots in terms of pricing and market rates, they undoubtedly have to review their strategy but not their price. They have a good portion of the market and s history has it, they have not bowed to customer pressure, only to competitor. This face off might go on for a while having witnessed Airtel’s unrelenting campaign both on main stream media and social media. It will be an interesting dance to watch.

What is the state online fraud involving Telecommunication companies (telcos) in Kenya?

​Telcos continue to witness unabated fraud especially along the lines of mobile money. They are moving massive amounts everyday and this becomes attractive especially for rogue employees who find it an easy avenue to make quick money. Some of these frauds are carried out by individuals whose only motivation is greed while others are sponsored by kingpins who take part in illicit trade such as drug dealing and others. Typically, the fraud can be in the form of creating what is known as e-value, since there’s really no actual money that moves within the ecosystem. Just balances playing out and are later translated to legal tender once the customer cashes it out at an agent or ATM. This creation of e-value is the equivalent of making money which, of course is illegal. Amounts lost are at times insured and hence the customer doesn’t lose out.

However this reflects badly in the books and also at a regulatory point of view. Telcos need to invest heavily in curbing internal fraud since it constitutes 20% of most security threats which cause 80% of the damage. Ordinary auditing techniques have been long ceased being relevant and as such its time to review how to detect and prevent fraud.

There has been shifting consumer usage from audio and text to and the rise of services and products that make it easier for users to bypass telcos ( Whatsapp calling feature and Wi-Fi calling) what do you as the future for these services and their effect on the market share taken by existing telcos

​Much as emerging technologies such as Whatsapp, Viber etc are seemingly taking users away from conventional MNO dependent services, there’s still a cost element to it. Also considering the fact that most WiFi hotspots are either at coffee shops, offices or venues where one has limited time, then ultimately users will fall back to their data bundles. These as we know, are priced by the MNOs which can dictate how much you pay per Megabyte you spend on say a Whatsapp call. Granted, this is clearly a move to eat into the network’s lunch, a move they dont hesitate to take casualties along with them.

Are we going to see a continued increase  in fraud cases ?
​With the current trend, if unfettered, then yes. There shall be an increase in fraud. Over the last couple of months, banks have lost close to Ksh 5B and these are conservative figures. ​Moreso, this year alone has seen Safaricom, NIC bank, Barclays bank spring to the limelight with fraud cases. This has indeed made the public aware about the least violent crime in financial services

Facebook Comments

We'd love to hear your thoughts on this article

This site uses Akismet to reduce spam. Learn how your comment data is processed.