Standard Chartered Bank Kenya has invested Sh200 million to bolsters its cybersecurity systems in a bid to counter mounting digital frauds. The lender said it seeks to improve its authentication processes for clients using its digital payments platforms, running awareness campaigns and using artificial intelligence to detect suspicious activity.
Banks are increasingly adopting mobile and digital products as an efficient and cost-effective way of reaching customers and growing market share. This has, however, made them more vulnerable to cyber-attacks, putting at risk customers’ deposits and savings.
“Cybercrime is going to be the biggest challenge in the financial sector for many years to come—we are using a lot more technology, so that is not an area in which we can slow down,” stated Kariuki Ngari, Stanchart’s chief executive, adding that customers need to be made aware of these threats.
Kenya’s economy is fast shifting into the digital space, making the country a key target by online criminals.
Check Point Software reveals that the number of cyberthreats reported to the Kenyan National Cyber Crime Centre (NCC) in the first quarter of the 2022/23 year rose by almost 200 percent. According to the Communication Authority of Kenya (CA), the number of cyberattacks detected in the country in the three months ending September 2022 stood at 278 million. This is almost three times the number of threats reported in previous quarter.
“There is simply no respite from ransomware and increasingly sophisticated cyberattacks,” says Pankaj Bhula, Regional Director for Africa at Check Point. “This puts users under increasing pressure to keep up to date with the latest trends in the threat landscape.”
Cases where links are widely circulated promising free airtime, money and other products have been used in phishing attacks to collect personal data and use it to siphon cash.
Criminals also send out legitimate-looking emails from trustworthy websites requesting personal and financial details from unsuspecting people, fooling them into submitting personal or financial data and passwords.
In 2017, the Central Bank of Kenya (CBK) developed cybersecurity regulations for the banking sector, which required lenders to formulate policy, strategy and a framework to fight the crime.
Most banks, however, do not reveal the level of fraud and cyberattacks they face and the losses on these occasions, unless the cases land in court. This is because of the reputational risk involved for them in the eyes of depositors, who bank with them based on trust that their funds are safe.
This has informed the increased vigilance by lenders against fraudsters, and higher investment in customer awareness campaigns which involve short text messaging, emails, media adverts and social media posts.
Stanchart said last year, it sent over 4.7 million text messages to its customers in a fraud awareness drive.
The lender has also initiated multifactor authentication for digital access to customer accounts.