Telcos move to secure USSD transaction channel

Telecommunications operators providing Unstructured Supplementary Service Data (USSD) platform are requesting help from money deposit banks to effectively secure the platforms against hackers, Nigeria CommunicationsWeek has learnt.

As part of efforts to offer customers 24X7 transaction services, banks are now using USSD code for their customers to make payments or transfer money with codes such as *737#, *966# among others.

USSD messages create a real-time connection during a USSD session. The connection remains open, allowing a two-way exchange of a sequence of data. This makes USSD more responsive than services that use SMS.

Laja Sorunke, group head, IT and Digital Banking Control, UBA, said that the demand by telecommunications operators for banks to help fund the cost of protecting endpoint of USSD platform which is not well secured arises over the concerns expressed by banks to ensure that customers data and money are secured.

Sorunke disclosed this at this year’s Hackcess cyber security conference held in Lagos. He noted that a couple of banks have been attacked by Ransonware hence the need to secure are channels linked to their network including the USSD.

“To further secure the USSD channel, CBN has directed banks to ensure that USSD based transactions are authenticated. For banks, because the endpoint of this platform is not well secured that is the reason we have reduced transaction limit on the platform,” he said.

Also speaking at the event, Hassan El Chami, chief technology officer, MTN Nigeria, said that MTN is now focusing on internet security more than some years back because some 40 percent of her subscribers in Nigeria are data users.

“We have to protect our customers’ data as they browse on the internet. More so, security of SIM cards are very important to us as subscribers’ bank details are saved in their SIM cards, and when this is compromised there is problem for such subscriber,” he said.

He stressed the need for organizations to set a roadmap for improving security of ‘Things’- he described as anything that has digital identity, even as the world prepares for exponential growth in Internet of Things (IOT).

Emeka Nwakanma, founder, HackCess, said that digitalization of operations by organizations poses security challenge where hackers tends to bring organizations down as well as target individual’s data with the aim of stealing their money.

This according to him is the essence of Hackcess cyber security conference to create awareness on the risk of cyber threats as well offer ways organisations could protect their networks against cyber- attacks.

“The impact of cyber- attacks in Nigeria is huge and cannot be ignored anymore. We want to change the reactive approach of Nigeria organizations to cyber-attacks to pro-active. However, awareness is stepping up as at today because cyber security threats have become main stream. It is no longer issue of technology experts; hacking is indeed happening in Nigeria and the risk is real,” he noted.