Digital Payment Fraud

By Irene Auma, Head of Risk, Visa, Sub-Saharan Africa

Nine out of ten consumers are at significant risk of falling prey to a scam – even the most experienced ones.

In the Sub-Saharan Africa financial landscape, electronic payments have emerged as a thriving industry, drawing more investment than any other financial services sector. Over the past decade, it has consistently delivered remarkable returns and substantial growth. Africa has been no exception to this trend. The year 2020, the e-payments industry in Africa, encompassing both domestic and cross-border transactions, boasted revenues reaching approximately $24 billion. Of this substantial sum, approximately $15 billion was attributed to domestic electronic payments alone. The revenue from domestic electronic payments, totaling $15 billion, was generated from a staggering 47 billion individual transactions, collectively exceeding $800 billion in transaction values.

Despite these impressive numbers, it’s noteworthy that only 5 to 7 percent of all payment transactions in Africa were conducted through electronic or digital channels, a sharp contrast to countries like Turkey, where more than 50 percent of transactions flow through these channels. This glaring difference underscores the immense growth potential that e-payments represent on the African continent. As payment methods become more convenient and scalable while the supporting infrastructure continues to develop, the prospects for e-payments in Africa are undeniably promising.

Electronic payments have been gaining momentum in Africa since the turn of the millennium, mirroring a global trend that saw them take a giant leap forward during the COVID-19 pandemic. This surge in digital payment activity sets the stage for a critical examination of fraud prevention in the evolving landscape of Sub-Saharan Africa’s digital payments. We’re going explore how Visa, a global financial services provider, leverages its expertise to safeguard the burgeoning digital payment ecosystem across the region, as well as the imperative role of consumer awareness in mitigating the risks associated with this transformative shift in the financial landscape.

Safeguarding the Digital Frontier and Foiling Fraudsters

Scams are becoming increasingly prevalent with the rapid pace of digitization. At Visa, we continue to innovate and are putting the best technology in place to protect the digital ecosystem and educate consumers to be more vigilant. Last year alone Visa prevented USD 27.1 billion worth of attempted fraudulent payments across 122 million transactions, stopping fraudsters in their tracks. 

However, as Frank Abagnale said in Catch Me If You Can, “There is no technology today that cannot be defeated by social engineering.” And this is where raising consumer awareness plays the most significant role. To determine how best to tackle consumer awareness about fraud in Sub-Saharan Africa, Visa commissioned the Visa Stay Secure 2023 CEMEA Study in partnership with Wakefield Research, which surveyed 5,800 adults in 17 markets across the CEMEA region. The study provided a valuable foundation for understanding how and why people fall victim to fraud. According to the Study, confidence in the ability to spot a scam, and the vulnerability it may bring, is highest in countries like Kenya (65%), South Africa (65%), and Nigeria (63%).

The Honeypot

Visa Stay Secure 2023 CEMEA study online research was conducted across 17 CEMEA markets including the United Arab Emirates, Kingdom of Saudi Arabia, Qatar, Kuwait, Oman, Bahrain, Egypt, Pakistan, Tunisia, Morocco, Nigeria, Kenya, South Africa, Côte d’Ivoire, Ukraine, Kazakhstan, and Serbia. In many cases, 56% of respondents claim to be highly knowledgeable at recognising a scam. However, the reality is that nine out of ten (90%) consumers typically respond to standard terms or phrases scammers utilise in emails and text messages. Of even more concern is the fact that those who describe themselves as being “very” or “extremely” knowledgeable at recognising scams are more likely to be fooled and act on at least one type of common scam message than those who are less confident in their scam-deducing abilities. It appears that there is a strong correlation between overconfidence and being too quick to click. Or, as the common adage goes: “Pride comes before a fall.”

Indeed, it could be attributed to optimism bias, the belief that we are much less likely to experience adverse events than positive ones. So, when a friend reaches out to you to admit they fell victim to a scam, you think, “Well, that could never happen to me.” But the truth is that it could happen to any single one of us. Visa’s study reveals a pattern of the language and scenarios that scammers tap into to nudge their victims to respond in a way that benefits their purposes. Namely: urgency, positive news, and action required.

Scammers orchestrate a sense of urgency to trigger impulsive action in their target. According to the study, in SSA being offered a financially advantageous opportunity will prompt 44% of the respondents, with 64 % Kenyans, 61 % Nigerians and 41% South Africans to click on a link. Other examples include being notified of a security risk – such as a stolen password or data breach – or receiving a notice from an authority such as a government entity or law enforcement.  In such scenarios, individuals must try to avoid reacting instantly or impulsively. Whatever the apparent urgency at first glance – stop and take a moment to verify the credibility of the email or message. Is the email address or the phone number it was sent from valid? Does it include the company name and logo? Is the information personalized? And make sure to check for grammatical errors and spelling mistakes.

Trojan horses such as “free gift/gift card,” “you have been selected,” or “you are a winner” should set off alarm bells. Sadly, unexpected ‘good’ news is not always what it may seem at first glance. And yet, we are so keen to believe in sudden windfalls and good fortune, especially when it comes to money: the Visa Stay Secure 2023 CEMEA study found that nearly 71% of respondents would take action if the message had positive news phrases.

Relationship dynamics have also been found to play significant role, with some of the common stereotypes still very prevalent amongst adults in SSA, with Gen X and Baby boomers in these markets most concerned about retired people falling victim to scams. The final theme in the scammer playbook is to present the target with an easily resolvable problem. For example, my friends’ outstanding import duty seemed like a quick fix, and it was a nominal amount, he didn’t dwell too much on its legitimacy. Other examples include false notices about a frozen account, problems with an order, or expiring subscriptions – all of which will prompt 60% of consumers into action.

Exploiting the Cracks

Overall, cybercriminals seek to extract confidential information from consumers, threatening their security. These are all cases of social engineering, where a malicious actor attempts to deceive a user to access personal information, financial data, or even corporate secrets. Social engineering comes in various forms, many of which have made the headlines in recent years. Terminologies such as phishing, pretexting, baiting, and tailgating are now familiar to us, and yet we are still falling for the associated scams. Despite how shrewd, tech-savvy or worldly we might tout ourselves to be our most significant security risk remains – regrettably – only us!

Sometimes, we willingly offer it up by broadcasting every intimate detail of our lives, our pets’ names, and our whereabouts on social media. For scammers, this is a treasure trove they can plunder to access our personal preferences, mine to ascertain the answers to common security questions, and devise bespoke scams specifically tailored to you. Our study found that over one in two people (52%) in the CEMEA region has been a victim of a scam at least once, while 15% have experienced being conned multiple times. With the research indicating that adults in African countries; 74% Kenyan, 72 % Nigerian and 64% South Africa, are most likely to report having been scammed. These incidents are not the sole concern of each consumer. All it takes is for one person to put an entire organization or network at risk. That’s why we see so many headlines about cybersecurity breaches that immobilize operations or put data security to ransom – they get to the finish line by finding the weakest link, which is usually a human folly.

Security, a Shared Responsibility

At Visa, we’re staying one step ahead of an increasingly sophisticated band of bad actors by taking a 360-degree approach to security. It’s working: our uncompromising commitment to security has kept fraud at historic lows. We heavily invest in cutting-edge cybersecurity, including artificial intelligence and data analytics, to detect, deter and disrupt fraud pre-emptively.

Advancements in payment security will continue to help drive down fraud. However, technology can only do so much. Consumer awareness and education are the critical first lines of defense against criminal intent. Visa’s study is part of a more significant effort to ensure that individuals and organisations in the Sub-Saharan Africa region know the risks and can adequately safeguard themselves from attacks. Understanding the language of scams is essential in our digital-first world. Collaborating to enforce robust legislation, prioritizing security in technological innovation, and integrating scam awareness into public safety programs are but some of the milestones on the horizon. As technology progresses, people must preserve the human quality of curiosity and questioning. Social media and artificial intelligence can impair the foundations of trust and security. Equipping the weakest link – the consumer – with the tools they need to combat increasingly sophisticated fraudulent tactics is the only way forward for a robust and exciting digital future.