Besides the fax machine, telephone, Internet and GSM, one invention by man that has changed the method of business transaction in recent times is electronic payment. It is a unique system in which electronic software and hardware solutions are configured to enable payments seamlessly either at a bank, sales off-site locations or other electronic channels of delivery.
In addition, it involves the provision of payment services and transfers through devices such as computers, the internet, Automated Teller Machines (ATMs), Point of Sale (PoS) smartcards etc. As a paperless system of making payments, it offers an alternative to the traditional systems, which involves the use of cash and cheques.
While change is inevitable especially in a rapidly evolving world, the growth, pace and structure of an economy revolves around payment systems which facilitates transactions in such an economy. This, the Central Bank of Nigeria (CBN) realised and hence, decided to sustain its drive to put the country’s payment systems at par with global best practices and standards by leveraging on technology.
The apex bank’s ‘Cashless Nigeria Project’ which kicked off with a pilot in Lagos, aims at reducing the amount of physical cash circulating in the economy whilst encouraging more electronic-based transactions.
According to the CBN, cash related transactions represented over 99 percent of customer activities in Nigerian banks as at December 2011, further disclosing that there are projections already that cash management in the country will cost the CBN about N192 billion by end of 2012.
Today, Nigeria electronic payment (e-payment)landscape is on a new threshold with banks, switching and transaction companies, vendors of Automated Teller Machine (ATMs), Point of sale (POS) and third party companies all jostling to expand the scope of market.
In spite of the deployment of PoS terminals by banks for merchants to facilitate the cashless policy in the country, the scheme is still hampered by low level of enlightenment of end users resulting in slow adoption. A PoS terminal is an electronic device used to process card payments at retail locations.
The Nigeria Inter-Bank Settlement System (NIBSS) has disclosed that over 150, 000 PoS terminals have been deployed by CBN and banks across Lagos, further adding that the transactions on them on a daily basis are in excess of N200 million. Interestingly, the number of unused Point of Sales (PoS) terminals in the cash-less Lagos initiative of the CBN has reached 62,095 amid poor connectivity and downtime.
Adebisi Shonubi, managing director and chief executive officer, NIBBS said the clearing house had registered 151,717 PoS terminals on its platform but lamented that only 88,622 units had been deployed as at July 1, 2012. This, according to him, leaves 62,095 registered PoS inactive.
Shonubi said, “PoS deployment had been on the increase since December 2011 and the cumulative number of PoS deployed and connected to the Nigeria Inter-Bank Settlement System Plc stood at 88,622 as at July 1, 2012. This represents an increase of over 100 per cent above the 5,992 recorded as at end of January 2012. The target of purchasing at least 10,000 PoS terminals per vendor has been met for three vendors.”
He disclosed that registered PoS on the NIBSS network had reached an all time high at 151,717 at July, 2012. According to him, these challenges include, lack of understanding of cash policy amongst the banked and unbanked; resistance due to prevailing cash culture; techno-fobia (Literacy vs Numeracy); infrastructure lag; distrust in banking system; lack of clarity in communicating content of policy; lack of POS at priority locations; customs challenges for clearing.
Seven months into the pilot ‘Cashless Lagos Scheme’, some challenges have been experienced by industry stakeholders.
Speaking at an e-payment conference recently, Bisi Lamikanra of KPMG, noted that the estimated 80,000+ PoS terminals deployed in Lagos appear to be insufficient and unevenly spread. He went on, “There are frequent instances of PoS terminals deployed but yet to be configured/ setup for use. Also, there is the difficulty in completing transactions due to frequent network downtime. In addition, there is a low uptake of PoS operation by merchant staff who blamed this situation on cumbersome process, lengthy transaction completion time, and previous experience of availability / reliability issues”.
According to him, there is no clarity on how the handling charges will be allocated merchants feel that they are at a disadvantage in terms of bearing these costs. But more importantly, there are complaints about the apparent lack of transparency in the way the settlements are carried out for POS transactions.
“For example, settlement reports from NIBSS are reported to shows transactions net of charges, thereby causing reconciliation issues for merchants.” Another draw back, according to Lamikanra is the short cash conversion cycle.
“Last mile consumer goods and beverage retailers/ traders would usually prefer to keep cash in-house to fund frequent replenishment of stock/ inventory/ in-bound supplies”, Lamikanra concluded.
Shifting ground
The CBN is already considering extension of the cashless economy scheme it planned for nationwide by January 1, 2013, to only six states in the country come next year. The apex bank, which listed the states to include; Abuja, Anambra, Kano, Ogun, River and a state from North East, noted that it reconsidered the option of implementing the project in phases because of the need to ensure that the needed awareness and infrastructure that will drive the initiative are sufficient in the country.
The CBN Governor, Lamido Sanusi disclosed this at Uyo, Akwa Ibom at the 24th National Conference of Nigeria Computer Society (NCS), with the theme “Towards a Cash-less Nigeria: Tools and Strategies”.
Sanusi hinted that “The whole idea at the initial was that the policy, by January 2013, would go live in all parts of the country, but we have changed the plan because of implementation purposes. We are now going to start with six states. They are Kano, Abuja, Ogun, Anambra, Rivers and one other state from the North East. This has to be done because of the need to ensure things are properly in shape.”
PCIDSS compliance
The apex bank had envisaged this security challenge as it encouraged the country to migrate into a cashless mode, and accordingly directed all players in the banking and electronic payment sector to attain Payment Card Industry Data Security Standard (PCIDSS) compliance to ensure that card users in the country would continue to experience enhanced payment data security.
Up till now, out of the 21 financial institutions currently operating in the country, only Access Bank Plc has achieved compliance, Business Day reveals. It was gathered that Interswitch, ValuCard and only E-Transact Plc have achieved compliance.
Informed sources told Business Day, that banks are investing less resource in PCIDSS efforts because they think implementing these policies will disrupt business operations. Security experts told Business Day that PCIDSS certification represents a common set of security best practice that if strictly adhered to will ensure the safe and secure handling of payment card data and transactions.
The requirements, according to them ensure that the entities that process, store or transmit cardholders’ data meet and adhere to the following standards: maintain a secure network for processing transactions; protection of cardholders and transaction data while in transit or at rest on the network; regular monitoring and testing of Information Technology (IT) networks and infrastructure among others.
Mitchell Elegbe, chief executive officer and managing director of Interswitch Nigeria Limited told Business Day in an interview that financial institutions, NIBBS and other stakeholders in the industry are all making investments in PCIDSS certification. But analysts argue that are doing it at a slow pace.
“PCIDSS is so important because it ensures data security. In switching, data security is a critical part. You know, millions of transactions take place daily. What guarantees the success to those transactions is the security put in place to protect the data (password, cardholder KYC, etc) of users. Besides this importance, PCIDSS is a global best practice adopted by Visa, MasterCard, China UnionPay etc to protect information entrusted to the system by card users”, he added.
Rasaq Olaegbe, an expert in electronic payments told Business Day that are criminal-minded individuals are coming up with advance means of defrauding card users and card holders. He also pointed out that stakeholders in the industry are coming up with indigenous way to beat the fraudsters.
“Now, the PCIDSS is compelling. Why? CBN has launched the cashless policy, which means we are seeing the end of overtly dependence on cash transaction and more of cards. So, to encourage millions of local card users and foreigners (European, Asians, Africans) who have come to rely on the safety of the system (ATM, PoS, mobile, Internet) in their home countries, we must follow this global practice.
“If we do not apply the PCIDSS certification, PCISSC (that is the organisation behind data security, education and awareness of the PCIDSS involving American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc) would not consider Nigeria as a serious organisation to do business with in international trade,” Olaegbe hinted.
He noted that PCIDSS is a rigorous process but it is all to ensure compliance to global data security procedure.
“At this stage we are now, Nigeria cannot afford not to invest in PCIDSS. Granted no system is foolproof, but not doing it means you are opening the doors for thieves. You know, because you have embedded security measure in your saloon car does not mean you should leave your car engine running or leave the key in the glove compartment. PCIDSS is a safety measure. It protects cardholders and builds confidence in the system”, he enthused.
Security concerns
Industry experts have said that the success of CBN’s Cashless initiative would be largely dependent on security. In Nigeria’s electronic payment landscape, Lamikanra pointed out that there appears to be no clear and comprehensive electronic fraud management framework.
“There are no clearly defined standards for data and network security across electronic payment channels. There is no clear delineation of responsibility for liability among key stakeholders in the event of a fraud event”, he stated.
With Nigeria gradually transiting from cash to an electronic based economy by virtue of the implementation of the CBN’s cashless policy, cyber criminals and hackers in the country who hitherto attacked businesses and individuals across the Atlantic are re-directing their energies towards finding ways to exploit vulnerabilities in the electronic payment system in order to perpetuate fraud.
Analysts have warned financial institutions and other stakeholders in the electronic payment industry to step up investments in security of electronic transactions or risk been overwhelmed by the spate of sophisticated cyber attacks that would soon arise as a result of the sheer volume of financial transactions online.
To further buttress analyst fears, Nigeria, according to the latest Symantec Internet Security Threat Report has moved six positions up the ladder to occupy the 59th position globally amongst countries with greatest Internet Security threat. Analysts have expressed concerns about Nigeria’s rising cybercrime profile even as there is little effort from government to pass into law, pending bills aimed at criminalising the acts.
The analysts further identified this situation as a major drawback to the development of e-payments in Nigeria. According to them, many Nigerians may lose confidence in the system and CBN’s objective of drastically reducing the cost of managing cash in the economy will certainly be defeated. The lack of confidence in Nigeria’s e-payment system could hinder foreign investments.
Analysts say it could send negative signals to the global business community that Nigeria is an unserious and unsecure entity to do business with in international trade. Peter Boglo of Oracle Corporation told Business Day that Nigeria’s cashless initiative would bring with it an explosion of data running on electronic platforms, urging banks to take advantage of latest security solutions to protect their networks.
“With the new shift in the economy where emphasis is being placed on electronic transactions, being championed by the CBN through its cashless initiative, banks would be highly susceptibility to cyber attacks and threats,” he noted.
Opportunities
Experts believe the cashless initiative offers a great opportunity for indigenous Information Technology (IT) companies to develop local content capacity and benefit from the initiative. Beyond this, the envisaged security challenge provides ample opportunity for local software developers and entrepreneurs to rise up to the challenge and build software solutions that can protect electronic transactions.
John Obaro, managing director, SystemSpecs, said the ongoing drive to introduce cash-less economy represented a new dawn of opportunities for the Information and Communication Technology, banking, and education sectors, among others.
Opportunities, according to him, are also abound for entrepreneurs as well as the economy as a whole. Presenting a paper titled “Software in a Cash-less Economy: Catalyst for Innovation, Local Content Development and Job creation” at the Nigeria Computer Society’s 24th National Conference in Uyo, Akwa-Ibom State, Obaro said that how local operators would plug into the opportunities remained the major concern.
According to him, software offers the window for local operators to take advantage of the cashless initiative, adding that software is needed to drive and secure cashless transactions. Obaro decried that virtually all hardware, especially PoS terminals to be deployed under the cash-less policy were imported, while wondering how many of the mobile money applications were developed locally.
“The move to cash-less society is good for software innovation, increased local content and job creation. Software innovation should focus on improved functionality, security ease of use and interoperability. There is an imperative to increase local content in software and ensure that we develop the right skills mix in the jobs being created. The Nigerian IT industry should seize the current opportunities to transform itself into a global force”, he concluded.
Seven months into CBN’s ‘Cashless Nigeria Project’ in Lagos, the scheme aimed at reducing the amount of physical cash in circulation has been bedevilled by numerous bottlenecks. Security concerns in electronic transactions and cases of sophisticated cyber attacks, are major sources of worry to technology experts, writes BEN UZOR JR
