The digitization of financial services in Kenya in recent years has earned global acclaim for streamlining access to financial services and solutions for a majority of the populace.
Kenya’s adoption of simple financial technology to provide access to the unbanked population has been the subject of a myriad of case studies which signify the country’s ability to offer solutions to its unique challenges.
Equity, the country’s largest bank by asset base of USD 11.7 billion, as at 30th June 2023, is one of several commercial institutions that have set up infrastructure to provide citizens with access to financial services.
A customer base of over 18 million with access to digitized services such as Equitel, Equity Mobile, Equity Online, Eazzy Biz and the forex trading platform, EazzyFX ensures that money transactions are made possible on a global scale.
With this great scale of digitisation, however, comes the equally potent risk of financial fraud.
This became more apparent during the COVID-19 pandemic when containment measures put in place by the government placed preference on cashless transactions over the use of hard cash; this acted as a tailwind for the adoption of digital banking services.
While the intention was to curb the spread of the killer virus through exchange of bank notes,
fraudsters pounced on the accelerated and often confusing transition to digital financial service provision to defraud unsuspecting Kenyans of their hard-earned monies.
The State of Financial Crimes in Kenya
A 2023 report by Financial Crimes News, an organisation dedicated to monitoring the threat and vulnerability levels of financial sectors in more than 150 countries globally, ranks Kenya at 44/100 on their in-house Country Risk Scores and Ranking scale.
The organisation further gives the country a designation of a high threat level and a moderate to high vulnerability level with respect to financial crimes of which fraud is part and parcel.
Alive to this threat and vulnerability, Equity Bank has published secure banking tips with information on how consumers can protect themselves against fraud and from fraudsters.
Here are some actions that customers can take to protect their accounts from fraudulent activities.
Preventative Measures by Equity
One of the first incursions that gives fraudsters a foothold in defrauding customers is identity theft. Financial criminals will attempt to gain access to customer accounts by stealing their identities using their passwords and security codes.
Banks such as Equity have implemented a stop-gap measure to prevent fraud by generating One-Time-Passwords (OTPs) and security codes with a time limit. Customers are advised to keep these codes and OTPs secret to prevent the risk of identity theft. Additionally, customers are advised not to seek help from strangers in conducting any transactions via their mobile phones, as fraudsters have been known to acquire that sensitive information for later use.
With the heightened risk of being defrauded through unauthorized access to their phones, customers are advised to avoid saving their account details and Personal Identification Numbers (PINs) on their devices. In the case of a loss or theft, the situation can be worsened by thieves gaining access to this sensitive information to the detriment of the customers.
Despite the risk of interception being low, customers are also advised not to share their account information and identification numbers via Short Message Service (SMS). It might be that the recipient’s phone has been stolen and this creates a risk of identity theft.
A further tip to prevent possible fraud is that customers are advised to keep their Equity Bank cards within sight at all times when making payments at points of sale. Further, when transacting at an Equity Bank Agent, customers are advised to ensure that the agent only captures the account details and nothing else.
Never buy Equitel SIM cards and phones from unauthorized outlets. Only bank branches
countrywide and selected Equity agents are authorized to sell the cards and devices to customers. Account holders are encouraged to report to the bank immediately should they encounter the sale of these items at unauthorized outlets.
Equity Bank staff never call to ask for OTPs, codes, identification numbers or any other personal information. Customers are advised to forward the phone numbers of any such calls to the number 333 via SMS for immediate action.
Also, all communications from Equity will come from the number 0763 000 000 for phone calls. For SMSs, account holders should expect the sender’s title reference to either be EQUITY or EQUITEL. Personal numbers purporting to be communicating on behalf of the bank should be forwarded to the number 333 for investigation.
Privacy and Security Best Practice
Fraudsters have devised a scheme where after acquiring the phone numbers of account holders, they will call with claims of being on the verge of blocking, suspending or deactivating accounts unless the owners take some action that usually involves sharing sensitive account information.
Equity Bank does not block, suspend, or deactivate accounts. Customers are advised to discontinue such phone calls and ignore such text messages.
If a customer either shares or wants to sell their phone which they have previously used for either mobile or online banking, they are advised to first delete all communications pertaining to their transactions before offloading the device. This helps prevent any fraudulent activities once the phone has a new owner.
Account holders are advised to avoid setting up their mobile banking and online banking accounts with passwords that are easy to guess such as birth dates, current years and sequential numbers. Some fraudsters may have access to such information which can compromise the security of the individual’s bank account.
While it is convenient to utilize the auto-save feature of browsers and mobile phones, customers are advised to avoid using them, especially on shared devices without additional layers of security such as two-factor authentication or biometric authentication which are harder to compromise.
In the absence of these, it is best to log out of accounts and ensure the passwords are not automatically saved.