Concerns over data protection and cyber security continue to loom as Nigerians fear data compromise  arising from flawed processes or human factor abuse, as agencies including telecommunications companies, banks and government  build up biometric and fact banks on their customers.

Stakeholders say the practice by the above agencies, of asking their publics to first document their personal details on paper before transferring to electronic form is dangerous, as these hard copies become prone to abuse  by identity thieves, who use these sensitive information for obnoxious purposes.

This argument is  reinforced by a cyber survey conducted recently which showed that Nigeria is the most internet fraudulent country in Africa and third in the world.

The report contained in a global computer crime and security survey showed that the rise of the internet in Nigeria has come with an unintended consequence- cybercrime.

The  information needed for  SIM card registration or KYC details for BVN registration are the same details asked for verification on online or mobile transactions with your bank. A stolen identity therefore means that the person has unlimited access to your online identity.

Experts say that even after the Senate finally passed the cybercrime bill into law after almost 15 years of deliberation as to whether or not the country needed such a law, Nigerians are still at risk of being attacked in the virtual space because of the way personal data is being collected and handled by the said establishments and others.

Chineye Mba- Uzoukwu, Managing Partner, Grand Central Information Technology, said recently at a breakfast dialogue series themed ‘Identity is the new Money’, that it is very easy for Nigerians to be scammed online due to compromise of data given out.

“We go to banks to register for Bank Verification Numbers (BVN) or to the telcos to register our SIM cards and they tell us to write down our details, such as our mother’s maiden name, date of birth, house address, etc, on a sheet of paper.

“These are the same details that we would be asked to use in verifying our identity when we call the bank for a transaction. Have we ever asked where these papers end up? Are they shredded or burnt after the information is imputed in a computer, or are they just left to fly around?

“The telco registration was a disaster and that is why they kept asking us to re-register. Some people have been asked to write down their details on different sheets of paper that are nowhere to be found, hence the re-occurrence.

“ What is to say that someone has not seen your data somewhere and stolen your identity? We would never know because people tie stolen identity only to loss of money,” he said.

Sharing the same view, Yemi Okunoren, an information technology and data centre analyst, said that “the unprofessional data collection by the telcos and handling of hard copy forms is a high security concern, as a stolen identity can make one lose so many other things apart from money. For example, your reputation and integrity.”

According to Okunoren, we have data retention laws but not a data privacy law in Nigeria.

“A few months ago, some people needed to send out broadcast messages to people living in Ilorin about a particular service being provided in the area. They went to the telcos who refused to give out their customers’ numbers and so, they just went to the motor park in Lagos where buses to Ilorin take-off from, gave the bus driver some money and the driver gave him the list where the commuters had written their names, addresses, next of kin and phone numbers. This means that your data is not safe, written on paper,” he said.

However, Peter Ejiofor, who works for a data security company, said that the telcos and banks have the responsibility to protect all data in their custody.

A cyber security report by Check Point Software Technologies Limited, last year, revealed that cybercriminals are not the only threat to the integrity and security of corporate data. Just as quickly as a hacker could penetrate a network, in-network actions can also easily result in data loss.

Check Point found that data can unknowingly leak out of any organisation for a variety of reasons, most of those tied to current and past employee actions in handling given data.

The report stated that while most security strategies focus on data protecting from hackers coming in, it is equally important to protect data from the inside out, by way of handling and processing such data.

Jumoke Akiyode

Nigeria's leading finance and market intelligence news report. Also home to expert opinion and commentary on politics, sports, lifestyle, and more

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp