“Concerns have been expressed on the likely exposure of CBN approved entities to the possible breaching of the USSD accessed financial services in view of likely vulnerabilities in the technology and the ever-growing threats,” the circular read.The bank added that any customer that would like to do transactions over N20,000 will require a pin and soft token which they would get from their banks.
“Put a limit of N100,000.00 per customer, per day for transactions as may be required. However, customers desirous of higher limits shall execute documented indemnities with their banks or MMOs. Mandate the use of an effective 2nd factor authentication (2FA) by customers for all transactions above N20,000. This shall be in addition to the PIN being used as 1st level authenticator, which applies to all transaction amounts.” the statement readAccordingly, the CBN said the second factor authentication should not be sent to the customer’s phone or displayed on the USSD channels.
Read the full statement here.
No comments:
Post a Comment