The new maximum daily limits of N100,000 set by the Central Bank of Nigeria (CBN) when Unstructured Supplementary Service Data (USSD) option are used for mobile phone transactions takes effect from June 1.
This is part of the apex bank’s plan to secure electronic payment services in the country.
‘Dipo Fatokun CBN director, Banking & Payments System Department, said that the vast applications of the USSD technology, in terms of available services have raised the issue of the risks inherent in the channel.
The USSD technology is a protocol used by the GSM network to communicate with a service provider’s platform. The session-based, real time messaging communication technology, which is accessed through a string that normally starts with asterisk (*) and ends with a hash (#).
It is implemented as an interactive menu driven service or command service.
Fatokun said although the N100,000 limit per customer, per day for transactions applies, customers desirous of higher limits shall execute documented indemnities with their banks or Mobile Money Operators (MMOs).
The apex bank has also mandated the use of an effective second factor authentication by customers for all transactions above N20,000. This shall apply in addition to the Personal Identification Number (PIN) being used as first level authenticator, which applies to all transaction amounts.
According to the framework, banks shall not send the second factor authentication to the customer’s registered GSM number or device; and it shall not be generated or displayed on the USSD menu.
Banks are also required to install a behavioral monitoring system with capability to detect SIM-Swap/Churn status, user location, unusual transactions at weekends, among others. This shall be achieved by 31st October 2018, according to the banking sector regulator.