Technology savvy fraudsters have stolen an estimated Sh21 million from Kenya’s revolutionary mobile phone-based money transfer system, M-pesa.
Michael Joseph, the chief executive of Safaricom — the telecoms operator that owns M-pesa — said the operation has reported suspected or actual fraud in 0.006 per cent total transactions since its inception three years ago.
“Suspected or actual fraud stands at less than 0.006 per cent of all recorded transactions with a downward trend,” said Mr Joseph.
He declined to disclose the exact figures, saying Safaricom had shared the data with regulatory authorities who have the mandate to receive such reports. M-pesa has handled an estimated Sh350 billion since it was launched three years ago.
Increasing attacks
The revelation of M-pesa’s loss comes in the wake of reports that the financial services industry has come under increasing attacks from cyber criminals since Kenya entered the world of high speed internet with the landing of fibre optic cables in the country mid last year.
The financial services sector loses more than Sh100 million to cyber criminals every month, according to the Central Bank’s anti- fraud department.
Anti-fraud experts have feared that M-pesa’s unparalleled success in the money transfer business would catch the attention of cyber criminals and expose the system to huge losses, but the revelation that the money transfer platform has lost less than one per cent of the total cash moved should help clear any concerns over its safety.
Industry sources said M-pesa’s extensive network of 16,000 agents and nine million customers presents a massive security challenge to its managers and that the low level loss is an indication of how far the company has invested in securing the system from cyber criminals.
M-pesa said the number of attempted fraudulent transactions has been rising since last year, but most have been unsuccessful.
“A month does not pass without a new form of fraud. These people are very innovative,” said one agent who declined to be named.
The latest form of fraud targets agents and Safaricom.
The criminals send themselves self-made M-pesa messages indicating that the recipient can withdraw up to Sh35,000, the maximum amount allowed for a transaction.
Subscribers, however, hold up to Sh50,000 in their virtual accounts.
The messages look exactly like the authentic M-pesa texts, but come with made-up codes that have helped agents expose the fraud.
[...] Here is the original post: Mobile Money Africa » Blog Archive » Technology savvy fraudsters … [...]