Dr. Kingsley Aguoru, a Nigerian-British information security expert, has raised alarm over the continued use of card PINs for online payments, urging the Central Bank of Nigeria (CBN) and the Economic and Financial Crimes Commission (EFCC) to address what he describes as a pressing security risk to Nigerians’ finances.
In a petition obtained by Chronicle NG on Sunday, Aguoru, a Chartered Engineer and Director of Information Security with over two decades of experience in financial technologies, highlighted the need for the CBN to ban card PIN use for online transactions.
He mentioned that the current practice exposes Nigerian consumers to high risks, including phishing, keylogging, and man-in-the-middle attacks.
“Nigerian payment providers like Paystack, Flutterwave, and Interswitch continue to require card PINs for online transactions, a practice that is virtually obsolete globally,” Aguoru noted in the petition, titled ‘Urgent Call to Ban Card PIN Usage for Online Payments in Nigeria.’
He went on to say that while PINs are intended for usage at ATMs and POS terminals with strong encryption, using them online exposes users to cyber dangers.
Aguoru, credited with pioneering one-time passwords for card-not-present purchases, claimed that continuous PIN usage could allow unscrupulous individuals to intercept and misuse consumers’ information.
He also claimed that Nigerian consumers should just use OTPs or multi-factor authentication for online payments, rather than mixing them with card PINs.
“Combining OTPs with card PINs is unnecessary and risky. Instead, customers should be provided with secure alternatives, such as hardware card readers that generate OTPs independently,” he said.
Aguoru urged the CBN to immediately implement these security measures and educate the public on safe online payment practices.
“I respectfully call on the CBN to address these issues by prohibiting web PIN entry for card payments and enforcing OTP or MFA requirements across all payment providers,” he stated.
He believes that implementing these measures would match Nigeria’s payment systems with global best practices and greatly minimise the risk to Nigerian customers.