26 November 2020
Evina, as a leading cybersecurity company specialized in payment and advertising, has been monitoring the worldwide digital market for years and has witnessed a steep increase in fraud everywhere: malwares are present today more than ever, and fraud has never been so malevolent. This means every company in the digital market experienced, is experiencing or will experience fraud. It also means you shouldn’t take it personally or be surprised if fraudsters attack your company.
How has fraud become so pervasive? A few years back fraud was mastered by a limited number of hackers, but today fraud has become a widespread phenomenon managed by professional criminals across the globe who have only one goal in mind: target the most vulnerable. Moreover, many criminals have specialized in mobile fraud, as mobile payments are believed to surpass credits cards and cash payments by 2021 . Meaning mobile phones will become a breeding ground for fraudsters to apply their mischievous tricks.
Africa’s mobile payments: nectar for fraudsters
Fraudsters are more and more interested in targeting the African continent. Africa is first and foremost an opportunity in demographic terms with its 1.2 billion people in 2025, mainly young people under 20 years of age. According to GSMA, there were 866 million mobile money accounts in 2018 and 110 million new mobile money accounts are expected in the next five years.
Africa has great potential in mobile payment. The growth of internet penetration rates and the sustained fall in smartphone prices have had a positive impact on the breakthrough of fintech in Africa these past few years. Telcos are key players in this arena, to compensate for under-banking and enable e-commerce to compensate for weak distribution networks and logistical problems in the local market. With the world’s fastest growth in mobile payment, Africa is both a tremendous opportunity for digital market players, but also a very great risk because this growth attracts all the cybercriminals on the planet. The costs of cybercrime in Africa is said to be over $4bn yearly , yet this figure is likely to be underestimated as the fear of fraud leads to many missed business opportunities.
Let’s take the example of carrier billing, an alternative to the credit card payment method used in many other countries, where users are billed for their purchases directly on their phone bill. This payment method shouldn’t be a problem, as mobile payment is fast and practical, however in too many cases, it isn’t appropriately secured and the numbers speak clearly. Thanks to multiple fraud sensors placed on the African continent, Evina is able to monitor mobile fraud activity and has identified the countries in which fraud rates are excessively high. Kenya’s fraud rate, that is to say the percentage of transaction attempts that are fraudulent, is estimated at 51%, closely followed by South Africa at 30%, Jordan at 21%, Oman at 18%, and Cameroon at 10%. If we take a closer look at South Africa, one of the biggest economies of Africa, as well as the holder of the second-highest fraud rate of the continent, the fraud attempts amounted to 369.5K in September 2020. Of these fraud attempts, the most common fraud type detected in South Africa was clickjacking, as it amounted to 37.00%, closely followed by malicious apps at 35.43%. Clickjacking is when a fraudster intercepts a click, leading the user to believe he has clicked on a specific button when in reality the hacker has guided him to click elsewhere. This is how unconsented mobile subscriptions happen and why one out of every three mobile subscription attempts in South Africa are fraudulent. Unfortunately, clickjacking is a fairly basic fraudulent technique that has been around the past five years, which with the right approach, could easily be avoided. The second trending fraud type, malicious apps, can be a more refined fraud technique, presented in the form of an application that is programmed to go through all the steps of the flow in the name of the end-user, without his consent. This type of fraud can also be fought off with the right anti-fraud tools. These facts and figures show how much wealth is stolen from end-users and the whole mobile payment industry in Africa, and they highlight the urgency to take fraud seriously by implementing real measures and solutions.
Principle of unity in mobile payment
In concrete terms, all key actors of the African mobile payment ecosystem must take action and unite for anti-fraud measures to work. Mobile operators, payment aggregators, merchants and even regulators need to understand that if one is hit by fraud, they all are. Now considering that mobile operators are the most powerful and influential market players, they need to set the example and ensure they are securing their flow and payment process. Not only will they foolproof their payment method and overall brand image, they will also encourage merchants and online aggregators to follow. Securing all the payment flow chain indubitably also protects the most vulnerable of the lot: the end-user. We cannot talk about an eventual secure mobile payment industry in Africa if each of these market players don’t follow through with implementing the correct anti-fraud solution. Because one weak link breaks the entire security chain.
A thoroughly secure mobile payment chain isn’t achievable without a cybersecurity partner that acts as the binding glue. Security has the power to restore trust in the industry: on the merchant and online aggregator side conversion rates and revenues increase, and on the end-user side the brand image improves and the user will be more likely to take part in secure payment transactions. Market players need to change from an individualistic mindset to a collective one, that looks out for the entire ecosystem. This ensures players get what they bargained for and that Africa does not lose money to avoidable online frauds.
An array of opportunities for mobile payment in Africa
The fight against fraud is a battle that must be fought with the right tools and more importantly with the right allies. At your side should be a cybersecurity partner that has the one and only objective to track and stop fraudsters across the globe. It’s also fundamental that your ally be independent, and an expert in what they do. Evina owns a cutting-edge anti-fraud solution relying on the latest technologies.
To be certain that all types of frauds are identified, Evina uses its own global mobile networks to attract fraudsters, reverse-engineer their patterns and reinforce its solution.
We also keep a proactive approach on new fraud patterns and breach exploitation: we run a Cyber Threat Intelligence team involving in-depth analysis of threats from all sources, including the hidden ones in the dark web. Because Evina has sensors all over the world, we are able to gather data from millions of transactions analysed every day to detect fraud patterns and block fraudulent payments through machine learning. Finally, Evina has the most advanced fraud sensors possible which allows to take a 3D footprint of suspicious behaviuor on mobile phones and to not miss any clues of fraudulent attempts.
But the most efficient cybersecurity cannot satisfy itself by only blocking fraud. If the solution is too slow, many legitimate transactions will not happen and the revenue of all players will decrease. That’s why Evina goes out of its way to be superfast, by using computing at edge technology, the latest in cloud technology, where data treatment & storage is the closest to the end-user in order to have the best response time and bandwidth.
Evina’s solution is starting to be deployed in Africa: 90% of mobile transaction activities in Morocco, Côte d’Ivoire, Cameroon, and Senegal are protected by our technology. At the moment, Evina is in talks with many African telecom operators to expand in other African countries; proof of our efficiency and the trust we have acquired among market players. Worldwide, Evina secures over sixteen million daily transactions across 60 markets by providing mobile carriers, merchants and payment gateways with proprietary Direct Carrier Billing (DCB) protection technology that prevents fraudulent payments. Many of these markets have seen dramatic drops of fraud, even more so when it came to collaborating with local telcos. The latter doesn’t need to be a victim but a vessel that holds the key to cleaner traffic and secured mobile payment. Through their collaboration with Evina, Proximus and Bouygues Telecom, two renowned telecom companies in Europe, achieved excellent results by implementing Evina’s carrier billing anti-fraud solution: complaint rates decreased, click-flow was restored, and the overall revenue increased. It’s time market players realize the power that comes with managing fraud the right way.
Telcos, digital merchants and payment aggregators in Africa need to act, sooner rather than later, if they want to ensure a bright future for the mobile payment market, protect their end-users, increase their revenue and fuel the growth of Africa.
By David Lofti, CEO at Evina