Stakeholders in the electronic payment business have been urged to upgrade their security systems in compliance with new standards, Payment Card Industry- Data Security Standards, before the end of the year, as part of measures to address fraud risks associated with electronic payment channels.

The PCI-DSS is a set of standards and security due diligence practices issued by the United States-based Payment Card Industry Standard Security Council- a global IT security regulatory body- setting the pace for security standards to help ensure the safe handling of payment card data.

Speaking at the July forum of the Nigerian Electronic Fund Forum designed to aid the adoption and adaptation of the new security standard in Lagos, on Thursday, the Deputy Director, Domestic Payment Division, Central bank of Nigeria and Chairman of the Forum, Mr. Emmanuel Obaigbona, stressed the need for financial institutions to comply with the PCI-DSS as Nigeria deepens its cash-less initiative.

According to him, the new standard, otherwise known as PCI DSS, will aid the security of electronic payment in the country, as it is associated with the management of privileged identities and controlling insiders and administrators from accessing sensitive data.

“The move is a proactive process towards enlightening Nigerians, especially those in the financial sector on measures to mitigate fraud associated with electronic payments. We need to do something to prevent fraudsters that come our way. A lot of fraud is moving from Lagos to places where there is no use of electronic payment systems. We need to fight this fraud and also be proactive about it,” he added.

In his presentation, the Managing Director, Digital Encode Limited, Mr. Adewale Obadare, said, “Compliance with PCIDSS helps to mitigate risks associated with prevalent use of bank cards and payment channels. There is a growing community of fraudsters hoping to hack new electronic payment platforms. With this trend, PCIDSS has been mandated for all merchants or banks that store, process and or transmit cardholder data.

“Managing and monitoring access to the electronic payment environment while locking down administrative privileges is crucial to protecting sensitive data within this expanded threat environment. Many organisations are still trying to catch up on PCI 2.0 requirements, and those exploring virtualisation will now need to fully understand new hurdles to meeting audit requirements and protecting sensitive customer data and financial information.”

The Managing Director, Standard Chartered Bank Limited, Mrs. Bola Adesola, said that every new system had its vulnerability and should be addressed. She added that there was a lot of collaboration internationally to fight against fraud and Nigeria could not afford to be left out.

Source: Punch/Ademola Alawiye