By Milcah Tanimu
A cybersecurity expert has alerted Nigerians about the dangers of using ATM card PINs for online transactions. Kingsley Aguoru, a British-Nigerian information security director, has called on the Central Bank of Nigeria (CBN) and the Economic and Financial Crimes Commission (EFCC) to address the pressing security risks this practice poses to consumers.
Aguoru, a Chartered Engineer, emphasized that the use of card PINs for online purchases has become obsolete globally. He urged the CBN to ban this practice and replace it with more secure methods like one-time passwords (OTPs) and multi-factor authentication.
He noted that the continued requirement of card PINs by Nigerian payment platforms such as Paystack and Flutterwave exposes users to serious security threats, including phishing, keylogging, and man-in-the-middle attacks. These vulnerabilities compromise the safety of consumers’ financial information.
According to Aguoru, PINs are specifically designed for ATM and point-of-sale (POS) transactions where secure encryption is in place. However, using them for online transactions increases the risk of interception by cybercriminals.
As a pioneer in implementing OTPs for card-not-present transactions, Aguoru stressed the importance of relying solely on OTPs and multi-factor authentication for secure online payments. He believes that eliminating the use of ATM PINs could significantly enhance the security of online financial transactions in Nigeria.
