Communications Authority of Kenya Guidelines on SIM Cards

The Communications Authority of Kenya has issued new directives with regards to sim registration stating that members of the public should not use unregistered sim cards. They also state that they should not purchase sim cards from hawkers and if the event that they purchase a sim card, they have to demand that the sim card be registered with their particulars including the ID card. Members of the general public are further asked to ensure they report their lost sim cards to the police and obtain an abstract for the same. The authority further states that failure to comply with these rules would lead to a six month jail term or a fine of Kshs. 100,000.

Here is the statement:

sim_card_reg

 

 

Advertisements

Tips to prevent a SIM-Swap Fraud

 

1. If you stop receiving calls or texts, and you don’t know why, check in with your mobile operator immediately
2. Never disclose your Internet banking password or personal identification number (PIN) to anyone. Even your bank will never ask for this.
3. Keep personal details – such as your phone number, date of birth or things like your first car and maiden name – off social media like Facebook. This means scammers can’t impersonate you easily.
4. Ask your bank to give you details of every financial transaction through two channels – for instance, SMS as well as email alerts.
5. Use a separate email address for your Online Banking account and financial transactions from your social media accounts.
6. Never switch off your smartphone in the event of you receiving numerous unknown calls.It could be a ploy to get you to turn off your phone and prevent you from noticing a tampered network connection.Even if you are frustrated by such events, do not switch off your smartphone.

What to do in the event you become a victim of SIM swap fraud

In  my previous  blog post I  spoke about the process of SIM swap and how it is  used to  defraud unsuspecting  individuals of moneys  from their account without their knowledge.

Today  i’ll be talking  about  what to do in the event that  you suspect that  you’ve become a victim of SIM swap. These are just stop gap  measures since there is no foolproof plan to prevent  the same

If you suspect you are the victim of a SIM swap scam, immediately call your mobile network operator for assistance. Be sure to call the right department. They may also have a form on their website for dealing with cases of fraud, which you can fill in, and they will assist you in an investigation of the matter.
Also make sure to call the appropriate department at your bank, and suspend all activity on your bank account, essentially locking it, so that nobody is even able to log in to your online banking profile.
If you are able to, you may consider accessing your online banking account, and changing your password, as well as changing your associated email address and mobile phone number, so the notifications and confirmation SMSes would arrive at a new number and email address. So even if the criminals succeed with the SIM swap operation, the number they have is no longer linked to your bank account. But I would more readily recommend that you just suspend activity on your account, especially in a panic situation or if you are unsure on how to go about doing all of that.
If money ends up getting taken out of your account, then you need to open a case with the police for theft, preferably within 48 hours of the fraudulent transfer or withdrawal of funds having taken place. During this process you may receive documentation from your bank’s claims department, which will aid in the investigation.

You might get your money back, and you might not. The banks claim that recourse depends on the circumstances of each case. In fact, some flat out refuse to reimburse a client, often claiming that it was the client’s fault – that they did something in order to help facilitate the theft. If you are fighting an uphill battle, it may be a good idea to get legal advise on the matter.

BE WARY OF THIS FORM OF MOBILE BANKING FRAUD

SWAPWe live in a digital world where more members than ever before are banking online or on their mobile phones. However, online and mobile banking is never 100 per cent safe. There are many fraudsters out there who’ve made it their business to fool you into sharing your financial information by using sophisticated tools that look real to most users.

In all cases, signing up for online banking alerts is a good idea. Alerts are an online banking feature that automatically sends you an email and/or a text message to your mobile phone to alert you of certain changes to your account made through online banking
This morning I had a client who narrated to me his ordeal.
Sims(not his real name) was sitting in his home a fortnight ago when his iPhone, suddenly stopped working. Within 75 minutes the fraudsters who had hijacked his phone had, through his online banking, emptied his bank account of KSH.500,000 .
When Sims rang the Mobile Operator, it soon emerged that someone posing as him had managed to persuade the mobile network to activate a new sim card – in effect giving the fraudsters control of his mobile number. The crooks were then able to reset all his mobile banking passwords, using his phone as identity, and the passwords being sent to the phone.
It appears that fraudsters have identified a significant vulnerability in the way banks are using their customers’ mobiles to identify them – and exploiting it to the max.
“One minute I’m wondering why my phone won’t work, and less than two hours later my bank account has been emptied and I have lost Ksh.500,000/= says a still shocked Sims.
“They appear to have used the phone to tell my mobile service provider that I had forgotten all my online bank settings. When my settings were reset, the bank sent notification to my phone – which of course, went to the fraudsters.
Before a SIM can be cancelled and reissued, the mobile phone network will ask a number of security questions, which only the phone owner should know the answer to. This suggests that fraudsters have already gathered a considerable amount of information on their victim. The mobile phone companies say these details may have been hoovered up from social media accounts such as Facebook, or possibly bought on the “dark web”. But they also admit that they and the banks need to do more to fight this new menace.
But Sims is just the latest victim of a financial scam that is sweeping Kenya: SIM-swap fraud.
WHAT IS SIM SWAP FRAUD ?
SIM Swap fraud is a type of Spear Phishing (targeted) attack. It is more complex than SIM-Swap-FraudPhishing (duping) and is particularly insidious. The bad news is that a fraudster has decided to target an individual and has sufficient knowledge of the individual’s personal details to be able to carry out these attacks. Also, because the attack is typically cross channel, individuals will not intuitively deduce that they are under attack – how many people would immediately suspect that their bank account was under attack if they suddenly stopped receiving calls on their mobile, for example?
The good news is that there is a technological solution to the problem. It is already possible to tell if a mobile number has been ported, then prevent transactions being authorised using that particular phone unless other indicators suggest the swap was in fact legitimate.
If the banks move quickly they can cut off yet another of the fraudster’s routes into our money and at the same time improve their own customer service. SIMple!

What do you know about Bitcoins?

 

The Central Bank of Kenya has issued a warning to persons trading in bitcoin and other virtual currencies that the cryptocurrencies are insecure and could be used to fund criminal activity.

In a public notice  the CBK stated that Bitcoin and other virtual currencies are not recognized as legal tender in Kenya, and as such, it would not protect users in the event the platforms that exchanges or holds the virtual currency fails. 

Bitcoin first appeared in January 2009, the creation of a computer programmer using the pseudonym Satoshi Nakamoto. His invention is

Central Bank Bit Coin Notice an open-source (its controlling computer code is open to public view), peer-to-peer (transactions do not require a third-party intermediary such as PayPal or Visa) digital currency (being electronic with no physical manifestation).

 

The Bitcoin system is private, with no traditional financial institutions involved in transactions. Unlike earlier digital currencies that had some central controlling person or entity, the Bitcoin network is completely decentralized, with all parts of transactions performed by the users of the system. With a Bitcoin transaction, there is no third-party intermediary. The buyer and seller interact directly (peer to peer), but their identities are encrypted and no personal information is transferred from one to the other.

However, unlike a fully anonymous transaction, there is a transaction record. A full transaction record of every Bitcoin and every Bitcoin user’s encrypted identity is maintained on the public ledger. For this reason, Bitcoin transactions are thought to be pseudonymous, not anonymous. Although the scale of Bitcoin use has increased substantially, it still remains small in comparison to traditional electronic payments systems, such as credit cards, and the use of dollars as a circulating currency.

 

How Does the Bitcoin System Work?

Bitcoin is sometimes referred to as a cryptocurrency because it relies on the principles of cryptography (communication that is secure from view of third parties) to validate transactions and govern the production of the currency itself. Each Bitcoin and each user is encrypted with a unique identity, and each transaction is recorded on a decentralized public ledger (also called a distributed ledger or a blockchain) that is visible to all computers on the network but does not reveal any personal information about the involved parties. Cryptographic techniques enable special users on the bitcoin network, known as miners, to gather together blocks of new transactions and compete to verify that the transactions are valid—that the buyer has the amount of Bitcoin being spent and has transferred that amount to the seller’s account. For providing this service, miners that successfully verify a block of transactions are rewarded by the network’s controlling computer algorithm with 25 newly created Bitcoins. This decentralized management of the public ledger is the distinguishing technological attribute of Bitcoin (and other decentralized cryptocurrencies) because it solves the so-called double spending problem (i.e., spending money you do not own by use of forgery or counterfeiting) and the attendant need for a trusted third party (such as a bank or credit card company) to verify the integrity of electronic transactions between a buyer and a seller. Public ledger technology could have implications not just for the traditional payments system but possibly also for a wide spectrum of transactions (e.g., stocks, bonds, and other financial assets) in which records are stored digitally.

It is important to note that, even though Bitcoin is not legal tender in Kenya, there is no official “ban” on virtual currencies in the country either. Warnings like these are meant to warn the everyday consumer about the possible pitfalls associated with digital currency, and how they should be aware of these risks.

*** more posts to follow**

Consumer Responsibilities

 

Anwar-FazalIn the 1980s, CI’s then president, led the call to also introduce a set of consumer responsibilities to compliment consumer rights.

These remain crucial principles for many consumer rights organisations today:

Critical awareness – consumers must be awakened to be more questioning about the provision of the quality of goods and services.
Involvement or action – consumers must assert themselves and act to ensure that they get a fair deal.
Social responsibility – consumers must act with social responsibility, with concern and sensitivity to the impact of their actions on other citizens, in particular, in relation to disadvantaged groups in the community and in relation to the economic and social realties prevailing.
Ecological responsibility – there must be a heightened sensitivity to the impact of consumer decisions on the physical environment, which must be developed to a harmonious way, promoting conservation as the most critical factor in improving the real quality of life for the present and the future.
Solidarity – the best and most effective action is through cooperative efforts through the formation of consumer/citizen groups who together can have the strength and influence to ensure that adequate attention is given to the consumer interest.

source: http://www.consumersinternational.org/who-we-are/consumer-rights/

Consumer Rights

On 15 March, 1962, US President John F. Kennedy delivered an historic address to the US Congress in which he outlined his vision of consumer rights. This was the first time any politician had formerly set out such principles.

‘Consumers by definition, include us all,’ Kennedy said in his Congressional Statement, ‘They are the largest economic group, affecting and affected by almost every public and private economic decision. Yet they are the only important group… whose views are often not heard.’

Over time, the consumer movement has developed this vision into a set of eight basic consumer rights that now define and inspire much of the work CI and its members do (around areas such as financial services and communications):

The right to satisfaction of basic needs – To have access to basic, essential goods and services: adequate food, clothing, shelter, health care, education, public utilities, water and sanitation.
The right to safety – To be protected against products, production processes and services that are hazardous to health or life.
The right to be informed – To be given the facts needed to make an informed choice, and to be protected against dishonest or misleading advertising and labelling.
The right to choose – To be able to select from a range of products and services, offered at competitive prices with an assurance of satisfactory quality.
The right to be heard – To have consumer interests represented in the making and execution of government policy, and in the development of products and services.
The right to redress – To receive a fair settlement of just claims, including compensation for misrepresentation, shoddy goods or unsatisfactory services.
The right to consumer education – To acquire knowledge and skills needed to make informed, confident choices about goods and services, while being aware of basic consumer rights and responsibilities and how to act on them.
The right to a healthy environment -To live and work in an environment that is non-threatening to the well-being of present and future generations.

 

source http://www.consumersinternational.org/who-we-are/consumer-rights/

How to Prevent Online Shopping and Debit Card Fraud.

The Electronic Payments System is being targeted more and more by fraud. In order to prevent you from being a victim, always be vigilant with your debit card activities. The ease of shopping and comparing products and prices online has made it an attractive option for many shoppers. If you notice any unusual debit card activity on your statement, please notify the bank immediately to see what your bank can do to help.

Using a card provides you with extra protection if things go wrong – protection that you don’t necessarily have if you pay by cheque or cash. In addition to this extra protection provided, there are steps you can take to safeguard yourself.

Incorporating the practices listed below into your daily routine can help keep your cards and account numbers safe.

  • Check your statements. Don’t wait for the statement to come; check your online banking regularly. Watch for transactions that you didn’t make.
  • Limit your online purchasing to one card. When you use more cards, you allow access to more accounts.
  • Invest in a reloadable card when making online purchases. Reloadable cards allow you to limit the amount you place on the card and are not linked to your bank account. For example the Nakumatt Global Card and the KCB Pepea Card
  • Open a second checking account specially used for internet purchases. Don’t allow this account to be connected to your other accounts. Transfer only the purchase amount into the account.
  • Keep record of your internet transactions. Check your email for a confirmation after you have made purchases online. Verify your mailing address with the post office and  ­financial institutions.
  • Save your receipts to compare with your statement.
  • Don’t give your information out over the phone unless you’ve made the call to a company you know.
  • Your bank should have your information on file, so, don’t give out any personal or card number information if you receive a call to “verify fraudulent activity.
  • Use an online payment service like PayPal.
  • Use familiar websites. If you’ve never done business with them before, ­first do an online search for reviews or complaints.
  • Destroy your card when it expires or when a new card becomes effective.
  • Memorize your PIN. Do not write it on your card or keep it with you. Never give it out.
  • Remember to pick up your ATM receipts before leaving the ATM.
  • Be aware of added fixtures to ATMs, Skimming devices allow fraudsters to collect card and PIN information.

Finally, your card company should be your first point of contact – not the police. It will be up to your card company and not you the account holder, to pass details to the police. Where an additional crime has been committed with the fraud, for example, you have had your wallet stolen or your card used fraudulently as a result of a burglary, or if you want to claim on your household goods then this should still be reported to the police.

Will you read this article about ONLINE terms and conditions? You really should do

We live in a time of terms and conditions. Never before have we signed or agreed so many. But one thing hasn’t changed: we still rarely read them.T AND CC )
While companies need to protect their interests given the frivolous lawsuits in vogue, you should know when terms and conditions become more than standard operating procedure and turn into ransom notes. The consumer is forced to agree to the terms in order to proceed to the next step, whether it is to use a service or install software.
Here are some of the things that you should look for before clicking ‘I accept’.
                                                                                               Free mobile apps
INTERNET T AND CMany so-called free apps for your smartphone or tablet are supported by ads. Read through the terms—the app could be accessing your personal information, mainly to deliver targeted ads. Also, as mobile ads will be delivered whenever the app is active, it will add to your data usage at the end of the month.
Photo sharing and printing websites
You own the intellectual property rights to your photographs, but what happens if you upload themT AND C to a photo sharing website? Who owns them if you upload them to a stock photo site? Or to a photo printing website? You might be shocked to learn that several photo sharing/printing websites retain the right to use your photographs in any way they see fit in a ‘perpetual and irrevocable’ manner. So, check before uploading.
Buying online/booking tickets
This is one area that can have a lot of ambiguity. Do manufacturer warranties apply to products bought online? What happens if there is a defect or you need to return the item? If case of airline tickets, prices are volatile and you need to read the fine print to make sure that you can return and get a refund. Many ‘special fare tickets’ are sold on the condition that they will not be returned/refunded.
Protecting Twitter & Facebook accounts
A rising trend points towards websites allowing you to sign in and start using their services by using your existing Twitter, Google or Facebook ID. Though you skip the registration process (which encourages more users), the website identifies its visitor and gets more information. This is officially allowed using Facebook, Google connect and Twitter sign in. However, you may find automated posts and tweets being sent on your behalf. Check the permissions you are granting the site or app before allowing access to your account. If it says ‘Allow app/site to post/send tweet’ or ‘Grant permission to post on your behalf’, cancel and run.
Online shopping
Have you ever thought how your name and e-mail address find their way to various websites that you have never heard of? Whenever you sign up for newsletters, to comment on an article you read, or for a community forum, your personal information can be misused. Not only could this website start sending you e-mail spam (special offers, notices), but could even sell your e-mail ID to third parties without your consent.
Sharing personal information on e-mail
Ever notice how the text ads in your e-mail inbox are creepily ‘right on the money’? All the baby clothing store ads appear if you’ve had a baby. Camera stores materialise if you’re a photographer and local restaurants pop up if you’re discussing a dinner date with a friend. Targeted ads, especially those with accurate location and demographics, can earn a lot of money. By agreeing to the terms, you become the conduit.
By accepting these terms, you are literally agreeing to anything and everything the service imagesprovider may ask of you, now or in the future, as long as you are availing of its services. There aren’t too many ways out of the situation, other than opting for another service provider. However, needless to say, it is time you started reading the terms carefully, and more frequently.