I lost my phone yesterday night, a touch light phone thinking there’s little to worry about but I was wrong. There’s everything to worry about especially when you are in Nigeria. The sim on the phone is tied to 3 banks.
Majority of Nigerians do this, where we use one mobile number for all our financial accounts, trusting that security measures are excellent.

Fast forward to this morning, I went to MTN office today and i was told i could not retrieve my sim since it is my brother that did the registration earlier, i’ve been using this same sim for over 6 years now but my brother isn’t in the country but it all fell on deaf ears with we are sorry there’s nothing we can do, I left their office, on my way coming I saw an MTN retail store, "retrieve your sim here" the sign board reads. I got inside there and told the rep i met everything after much pleading, it was processed for me and I’ve been told my sim would be active come monday evening.

I got back home thinking all was well, but something just triggered me to check my account via the app and there it was, all red and red and red and red. All I could see was debit for recharge card with amount ranging from 300-1000-5000 in multiples resulting to N37300. I quickly transferred the money I have left to my friends account.

One question that kept coming to me was; How did they do it?
I have not been able to transfer or recharge my line using that specific bank’s USSD code ever since NYSC gave me the account in OT Camp in Iseyin, 2016 because it was interfering with my old account with the same bank.

It has finally has dawn on me that our banking system here has little or no triggers to the irregularities that is happening in an account. I will be going to their bank, first thing on monday to have a review with them.

I have 4 account tied to this phone number, truth is only this account had money in it. I guess they cast a wide net on all the banks using my details to see the ones that would return successful and then harvest the account.

To our bank;
1. What should one do when one’s phone gets stolen or missing especially when it’s on a weekend?
I know our bank uses the BVN as a primary key connecting every account to another but its clear another layer of security is needed.

2. Limit the amount value an account owner can recharge in a day. Why would a saner Nigerian recharge over 37k in this buhari economy and the bank system couldn’t flag this off?

3. Dialing *565*1# is not enough to generate your BVN, it should always ask for a pin to complete this command, our programmers should think out of the box, this is too shameful. A BVN that is used as a Primary Key[b/] yet its easily accessible by any unauthorized party.

[b]My mistakes; Learn from them
1. I did not call my network provider to deactivate my line, I was foolish enough to think our banks were secure. I don’t trust our banks security anymore.
Look at it this way, to recharge on your phone you need a pin to complete any transaction even if your are using a USSD code, and beside it was a touch light phone with my sim in this case not an ATM but 37k was deducted from my account with just having my sim. You see how insecure the system is?

2. Having my sim locked with a pin not just the phone would at least served as a measure of security, once it’s inserted on any device it will request for a pin. I might be wrong but I’m just thinking out loud here.

The Future:
Unfortunately is sad because Nigerians will keep falling into this ordeal unless our banks wakes up.
They people that did this are not good, our banking system is just poor for any d!ck and harry to mess with.

Security: Digital security would be a niche that would be very hot with massive potential. A lot more companies (noticed the more because right now we have only few organizations with standard financial security measures)

[b]I have decided not to add the name of the bank here, because i believe same thing can happen with any other banks.
Tell me do you bank ask you for any security pin when you dial *565*0# to check you BVN Number?[b/]

Nigerian should awake because we’ve fallen.

Secure your SIM not just your phone alone especially when that SIM is tied to your [b]BVN[b/] which is has clearly shown to me unfortunately with an expense of 37K that it isn’t secure at all.

Below are screenshots of the red to red alerts, I had to transfer the rest out of the account.

[b]Is there any hope of this money being returned to me?[b/]

I hope the mods push this to the front page, Nigerians should be aware of this flaw in the system and be careful.

from Nairaland https://ift.tt/2zvaK4G
via