SA Corona Virus Online Portal Logo
CLICK HERE FOR MORE INFORMATION

Secondary

identity-theft

Instant EFT – Payment option can lead to online crime

Last Friday consumers took to online shops to benefit from the Black Friday deals. With the approach of the holiday season even more consumers will make use of online shopping in order to avoid queuing at shops as a result of COVID restrictions and social distancing.

The South African Reserve Bank (SARB) and the Financial Sector Conduct Authority (FSCA), in consultation with the Payments Association of South Africa (PASA), has however issued a warning to consumers to be aware of the risks associated with the use of “instant-EFT” online payment services offered at eCommerce stores (i.e. stores which facilitate the purchase and sale of goods or services via the internet).

A scenario to illustrate:

Sidney (34) wants to order a pair of sneakers for his son’s birthday. He searches for an online clothing store and finds the perfect pair. He selects the size and colour and then clicks on “buy now”. Sidney then proceeds to the delivery details and payment page. Here, he is asked how he will make a payment and selects the ‘instant-EFT’ option. Sidney is given a list of banks and is prompted to select the bank he uses. Immediately he is redirected to a page with his bank’s logo and is required to enter his online banking details. He inputs his online banking username and password and clicks “submit”. Once he inputs the username and password, he is required to select the account from which he wishes to make the payment and is then required to authenticate the payment via his mobile phone. The webpage then moves to the payment confirmation page to inform Sidney that his payment was successful. Lastly, he receives an SMS from his bank alerting him that the payment has been successful. Instant-EFT benefits Sidney in that he can make online purchases quick and easy from the online store.

But what are the risks?

The SARB, FSCA and the payments industry said the method of using screen scraping to effect payments puts consumers’ access credentials at risk of being compromised.

“Consumers have no control over how their credentials, and any other data or personal information, are accessed and used by the third party, like account numbers and account statements can be stored and utilised without the consumer’s knowledge or consent,” SARB said.

As the global economy experiences an increase in the use of electronic payments, online shopping, and the growing role of financial technology in payments, online crimes are increasing. It is becoming even more important for consumers to educate themselves on the risks and benefits of using online means to make payment or order goods and services online. It is also becoming exceptionally difficult for regulators and the financial industry alike to keep up with such crimes before a loss is experienced by either party.

Click here to read the media release that includes an infographic as illustration as well as tips for consumers.

, ,

Comments are closed.