Kenya, bracing for $23 million in online fraud, to support African cybercrime pact

African Union ministers will meet next month on a legal framework for a regional deal on cybercrime efforts

Amid revelations that Kenya could lose up to US$23 million this year through cybercrime, the Kenyan government has announced its support for the ratification of the African Union (AU) convention on the establishment of a credible legal framework for cybersecurity in Africa.

According to cybercrime statistics released by Fred Matiangi, the Kenyan cabinet secretary for information and communication technology (ICT), the banking industry is the most affected by cybercrime.

As more Africans use the Internet for their banking needs, the number of fraudsters eyeing online financial transactions has also multiplied. The Kenyan government statistics indicate that on a daily basis, close to 1,000 Kenyans fall victim to Internet fraud.

Meanwhile, Africa's heads of state are expected to meet in January next year to discuss the ratification of the AU convention on the establishment of a legal framework for cybersecurity in the region. The AU convention on the establishment of the legal framework seeks to harmonize African legislation related to e-commerce, personal data protection and cybercrime control.

Two months ago, the Kenyan government announced it would assign each person using the Internet a virtual identity in a bid to curb the rising tide of cybercrime. Through the Kenya ICT Board, the government said it would soon establish a public key infrastructure, which will allocate virtual identities to Internet users.

The publicity surrounding the region's cybercrime is raising fears that Africa may face a slowdown in international investment in the telecom as well as the financial sectors. In Southern Africa, Zambia, Zimbabwe and South Africa have in particular been experiencing an increase in mobile and Internet banking fraud, resulting in millions of dollars in losses.

A number of local and international banks in Zambia and South Africa have reported phishing attacks on their Internet banking systems, and in some cases they have been forced to temporarily close branches to protect customers' money.

Officials in these countries have been warning banks that they should not compromise on security in light of the increased risks.

In East Africa, Kenya has been hit the hardest while in West Africa, Nigeria and Ghana have suffered the most attacks.

Africa is experiencing an explosion of mobile money services as banks and mobile service providers compete for customers who would otherwise not have a bank account. This has increased phishing activities on unsuspecting customers, in an effort to lure them to fake sites.

Banks in the region are encouraged by the growing mobile customer base to launch innovative payment options to reach millions of the so-called "unbanked." But that is putting citizens more at risk of cybercrime. In South Africa, there are more than 13 million unbanked people while in Zambia, 60 percent of the population is currently unbanked.

The problem has further been compounded by the fact that very few banks in the region that provide Internet banking services are also able to offer security software to curb cybersecurity attacks.

"The AU convention will help move faster the harmonization of cyberlaws and give authority to countries to arrest and prosecute cybercriminals regardless of where the offense was committed. This will help in the fight against cybercrime," said Edith Mwale, telecom analyst at Africa Center for ICT Development.

Cybercrime in the region is said to have increased following the lowering of bandwidth and connectivity costs as mobile service providers and international cables compete for customers. Over the past few years, African has been trying to harmonize cyberlaws to deal with cross-border criminals by allowing member countries to prosecute criminals wherever a crime is committed in the region. However, progress has been slow in several countries.

Tags legislation

Show Comments