MoMo, Flutterwave, now Patricia; Nigerian fintechs must work harder to prevent cyber attacks

Godfrey Elimian
More questions raised after Patricia’s latest breach
Why Nigerian fintechs should be concerned about targeted cyber attacks
Why Nigerian fintechs should be concerned about targeted cyber attacks

The rapid growth of fintech in Nigeria has brought about significant advancements in the financial sector, revolutionizing how people transact, save, and access financial services. However, this progress has also attracted the attention of cybercriminals who see an opportunity to exploit vulnerabilities for their gain.

In May last year, MTN Nigeria’s fintech subsidiary, Mobile Money Payment Service Bank (MoMo PSB) Limited, suffered a data breach just days after launch, reportedly losing 22 billion Naira ($53 million.)

Recently, there have been alleged hacks and breaches at two big fintech startups, Flutterwave and Patricia, only this year. Although Flutterwave has since denied it, the reports say that the company was hacked, and over N2 billion funds from its account were removed.

On the other hand, Patricia suffered a security breach on its cryptocurrency processing platform that has now led to the loss of sizable funds from the company’s coffers. The company admitted this and has said it would work with law enforcement agents and other stakeholders to recover the assets.

Why Nigerian fintechs should be concerned about targeted cyber attacks

Now, while the latter has acknowledged that the breach did occur and was collaborating with multiple entities to examine the problem, the former has come out to deny any attacks in the first place, even though numerous media outlets had covered the issue.

Whatever the case may be, the industry needs to be concerned. Rather than becoming passive in the face of these reports, the fintech companies must unite their efforts to find a significant way to create a solid infrastructure to halt the trend and prevent what could soon be a major negative disruption to the ecosystem.

Read also: Top cybersecurity predictions for African businesses in 2023, according to experts

Why is the fintech industry targeted?

The simple answer is money.

The African fintech industry is one of the most viable and lucrative markets, both in size and prospects.

Kaspersky prevents about 300,000 attacks on IoT devices in sub-Saharan Africa, provides safety tips for users

In Nigeria, for example, it is estimated that about 210-250 FinTech operators/companies are operating in the Nigerian space, attracting up to two-thirds of all local start-up funding in recent years. In 2021 alone, the sector handled nearly $700 million in digital transactions.

Also, Partech Africa Tech Venture Capital Report says that the Nigerian fintech industry alone recorded $798 million in 2022 from $1.3 billion in 2021 in funding. These fintechs have access to customers’ funds, making them easy targets.

Nigerian fintech companies have also emerged as attractive targets for cyber attacks due to the increasing digitalization of financial services. Fintechs handle a vast amount of sensitive customer data, including personal and financial information.

This makes them prime targets for hackers who seek to exploit security weaknesses and gain unauthorized access to valuable data for financial gain or other malicious purposes. The potential rewards make fintechs a lucrative target for cybercriminals, necessitating a proactive approach to cybersecurity.

For example, Flutterwave is Africa’s most valuable fintech startup, with a valuation that exceeds $3 billion. Being a payment aggregator has also put the company in a critical landscape in the industry, thus in the eyes of criminal elements.

Flutterwave, chasing IPO, acquires Switching and Processing License

Read also: Isa Pantami reveals how Nigeria prevented over 12.9 million cyberattacks during the Presidential elections

Reputational Damage and Customer Trust

Targeted cyber attacks on fintechs can have far-reaching consequences beyond financial losses. A successful attack resulting in a data breach or compromised customer information can severely damage the reputation of a fintech company.

Customers place a high level of trust in financial service providers, and any breach of that trust can lead to customer churn and a loss of market share. Fintechs must prioritize cybersecurity to safeguard customer data, maintain trust, and preserve their reputation in the industry.

For instance, an attack on a Crypto payment platform could result in reputational damage not only to the company but to the crypto space, which is even more complicated with the lack of an insurance policy for crypto assets

Patricia loses funds due to a security breach, says investigation ongoing

Collaborative Approach and Industry Best Practices

Addressing the challenges of targeted cyber attacks requires a collaborative approach from all stakeholders within the Nigerian fintech ecosystem. Fintech companies should actively share information and engage in industry collaborations and best practice initiatives to stay updated on emerging threats and effective defence strategies.

If there is perhaps a starting point, then fintech companies need to start focusing on strengthening their cybersecurity protocols. A recent report shows that approximately 90% of African businesses operate without cybersecurity protocols, making them vulnerable to cyber threats, such as hacking, phishing, and malware attacks.

Sharing knowledge and insights can also improve the industry’s overall cyberattack resistance. Key players in other industries can also be included in the collaboration, which could result in comprehensive coverage and infrastructure to fend against attacks and losses in the event.

Technext Newsletter

Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!

Register for Technext Coinference 2023, the Largest blockchain and DeFi Gathering in Africa.

Technext Newsletter

Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!