Dr. Kingsley Aguoru, a Nigerian-British information security expert, has advised the Central Bank of Nigeria (CBN) and the Economic and Financial Crimes Commission (EFCC) to take immediate steps to ban the use of card PINs for online payments.
With over 20 years of experience in financial technology, Dr. Aguoru warned that the current requirement by Nigerian payment providers such as Paystack, Flutterwave, and Interswitch to use PINs online leaves consumers vulnerable to cyberattacks like phishing and man-in-the-middle threats.
In a petition titled ‘Urgent Call to Ban Card PIN Usage for Online Payments in Nigeria,’ Aguoru stressed that PINs should only be used for ATM and POS transactions, where encryption safeguards them from interception.
He argued that relying on OTPs or multi-factor authentication (MFA) would better protect consumers and align with global security standards.
Aguoru, credited with pioneering one-time passwords for online transactions, suggested that Nigerians should avoid combining PINs with OTPs online, proposing instead the use of standalone hardware devices to generate OTPs securely.
He called on the CBN to enforce a prohibition on PIN-based web transactions and to mandate OTP or MFA across all payment platforms, emphasizing that these changes would enhance security and help reduce financial fraud in Nigeria.