Gauteng banks lead in countering cybercrime
JOHANNESBURG – Gauteng Premier David Makhura recently rightfully asserted that his province is Africa's seventh-largest economy, and that it was a financial hub of the sub-Saharan region.
All South African banks have their headquarters in Gauteng. Multinational corporate and investment banks also have their African operations based in Gauteng. It is also in Gauteng where the phenomenon of technology and finance convergence first emerged and this led to a concept called “fintech firms”.
It was in Gauteng where for the first time wireless signals were employed to link a point-of-sale credit card reader to the banking system, enabling small vendors to accept credit cards.
Gauteng is also a leader in inventing mobile money through the provision of wireless application services.
Thanks to this innovation, good governance and strong regulatory framework, the South African financial institutions protected us from the great recession of 2008 – something that the Americans and Europeans could only envy.
Another great phenomenon that emerged in Gauteng was the move by banks towards becoming mobile network operators, and mobile operators getting into banking – thereby enhancing the “fintech” concept.
Interestingly, Gauteng leadership in banking innovation and the fintech phenomenon also led to leadership in cybercrimes.
According to reports from the SAPS and South African Banking Risk Information Centre (Sabric), skimming is a prominent cybercrime in South Africa.
Fraudsters use skimming devices to harvest the credentials of the debit or credit card owner by copying information in the card's magnetic strip and thereafter producing a counterfeit card.
Cybercrimes have caused the South African banking system to become more smart and superior compared to their counterparts worldwide – the vendor machine technology that enables a customer to pay their bills at their tables without giving away their cards was initiated in South Africa to thwart skimming.
Another prominent cybercrime in South Africa is industrial espionage – or rather, corporate spying. The director-general of the then-National Intelligence Service, Vusi Mavimbela, once confirmed that several South African companies were victims of cyber-spies who hack their information systems and sell local trade secrets and intellectual property to multinationals competitors.
After noting that the government was not recruiting cyber-inspectors (police) in line with the provisions of the law, corporate South Africa closed the gap by appointing its own cyber-police, who are largely found in the banks and other corporate sectors.
South African banks have dedicated teams of information security professionals who “combat” cybercrimes. After observing clients’ concerns regarding internet and cellphone banking crime, banks have responded forcefully to cybercrime and, with superiority, to prevent financial losses and reputational damage.
The cyber-police in the banking industry remove phishing (deceptive) emails and spoofing (deceitful) websites while suspicious emails are blocked before they reach the targeted victim.
Banks have monitoring systems, behaviour pattern analysis and early warning systems.
For example, if a spoofing site is picked up worldwide on the internet or a phishing email goes out, they typically shut the site down within 45 minutes to two hours.
It doesn't matter where it sits in the world, and the cyber-police, who are largely based in Gauteng, have worked with Interpol and have successfully had the fraudsters arrested.
Banks are also available 24 hours a day to help their customers in cases where they suspect their internet banking accounts are being defrauded.
Customers can phone the contact centre, and there is also a button on the internet banking screen that customers can press to report fraud and have their bank account closed immediately.
During the research I conducting regarding cybercrime, I noted that there were times when the cyber-police who are based in South African banks actually prevent money from leaving the internet bank accounts fraudulently. They also ensure that transactions via internet banking are undertaken in an encrypted environment. It is not possible for criminals to intercept encrypted transactions.
I also found that banks were more compliant with regard to the information security aspects of the legislation than all other industrial sectors that participated in the study I was conducting.
Companies in other industrial sectors don't have huge volumes of transactions across the internet like the banking sector. Consequently, they have very little interest in establishing organs like Sabric or establishing their own sophisticated teams to fight cyber-related crimes for 24 hours.
The three new South African banks, Bank Zero, TymeBank and Discovery Bank, will be headquartered in Gauteng and have already vowed to disrupt the market by bringing technology innovation that has never been seen globally.
If other South African provinces adopt some of Gauteng's investment strategies, then entrepreneurship, innovation and business growth will thrive in South Africa.
Rabelani Dagada is a Professor of Practice in Digital Commerce at the University of Johannesburg’s Postgraduate School of Engineering Management. He is on Twitter: @Rabelani_Dagada
The views expressed here are not necessarily those of Independent Media.