The Need for Uniform Payment Security Standards in Nigeria: A Call for MasterCard and Visa Accountability

The presence of MasterCard in Nigeria marks a significant milestone, signalling a commitment to expanding digital finance and supporting the growth of the card payment ecosystem. However, there are critical concerns regarding the practices of MasterCard in Nigeria, practices that suggest manipulation and divergence from international standards, potentially jeopardizing the integrity of the national identity and card payment systems. This report examines the questionable alignment of the National Identity Card with MasterCard branding and the use of card PINs in card-not-present (CNP) transactions, a practice that is rarely seen in other parts of the world. It calls for MasterCard and Visa to uphold the same standards of payment security and customer authentication as seen in other regions or to reassess their approach to operating within the Nigerian market.

The National Identity Card: An Instrument for National Identity, Not Payment

Across the globe, national identity cards serve as instruments of personal identification, issued by governments to certify citizenship and authenticate personal identity. However, in Nigeria, the alignment of the National Identity Card with the MasterCard brand has created confusion over its purpose. By allowing a private brand to share space with a government-issued identity card, MasterCard has established a model that blurs the lines between national identity and commercial interests. This approach is unprecedented and raises ethical concerns about the role of international corporations in national identification programs.

Turning a national identity card into a payment card promotes MasterCard’s commercial agenda over the sanctity of Nigeria’s identity system. This alignment has encouraged adoption but appears to have been achieved through tactics that could be deemed exploitative. If the primary purpose of an identity card is to verify identity and national citizenship, the endorsement of a private financial brand is, at best, a strategic misstep and, at worst, an improper intrusion into national sovereignty.

Questionable Payment Security Practices in Nigeria: PIN Usage in Card-Not-Present Transactions

Another significant deviation from global standards in Nigeria's card payment ecosystem is the reported allowance for the use of a card's PIN in card-not-present (CNP) environments. In most Western markets, payment card PINs are reserved strictly for physical, card-present transactions, where the security of the card and its holder can be verified in real-time. Allowing PINs in CNP transactions undermines the inherent security that PINs are supposed to provide, exposing consumers to higher risks of fraud, unauthorized transactions, and financial loss.

This departure from international norms suggests an attempt by MasterCard and Visa to lower barriers to card usage in Nigeria by relaxing security protocols. However, these practices may be placing Nigerian users at a disproportionate risk compared to their Western counterparts, compromising the integrity of the entire card payment infrastructure.

The Need for Strong Customer Authentication (SCA)

Strong Customer Authentication (SCA) is a regulatory requirement in Europe, introduced to reduce fraud and increase the security of electronic payments. This security protocol mandates two-factor authentication for online payments, ensuring that transactions are authorized securely and appropriately. Despite being implemented with the support of both MasterCard and Visa in the West, there appears to be a lack of similar protections for Nigerian consumers, putting them at a security disadvantage.

If SCA protocols have been proven effective in reducing fraud in the West, why should Nigerian consumers not benefit from the same level of security? A double standard that overlooks these essential protections is not only unjust but also indicative of an unequal commitment to consumer safety between markets. This discrepancy implies that MasterCard and Visa have prioritized market penetration over the safety and well-being of Nigerian consumers, fostering an ecosystem that may be more vulnerable to fraud and misuse.

Recommendations for MasterCard and Visa in Nigeria

To uphold the integrity of Nigeria’s card payment ecosystem and align it with global standards, the following recommendations are crucial:

1. Decouple the National Identity Card from Commercial Branding: MasterCard should immediately reconsider its association with the Nigerian National Identity Card, allowing it to serve its primary role as an instrument of national identity rather than a payment vehicle.
2. Enforce Global Payment Security Standards: MasterCard and Visa should ensure that all security measures and protocols applied in Western markets, such as restricting PIN usage to card-present transactions, are equally enforced in Nigeria to protect consumers.
3. Implement Strong Customer Authentication (SCA): Nigerian consumers deserve the same high-security standards as those in Europe, North America, and other regions. (Internet, mobile banking apps, SMS gateways and all the technologies SCA requires are in Nigeria) Implementing SCA with compliance will help reduce fraudulent transactions and build consumer trust in digital payment systems.
4. Increase Transparency and Collaboration: MasterCard and Visa must collaborate closely with Nigerian regulatory authorities and their Issuers in Nigeria to promote secure, consumer-first payment practices. Transparency in their operations and clear accountability measures are essential to maintain the integrity of Nigeria’s card payment landscape.

MasterCard’s and Visa’s ongoing activities in Nigeria have raised legitimate questions about their commitment to ethical practices, consumer security, and transparency. Nigerian consumers have the right to expect the same level of security and consumer protection that MasterCard and Visa provide in Western markets. Without immediate action to align with global standards, both companies risk eroding trust in digital payments in Nigeria, undermining the very foundation of the card payment ecosystem they are seeking to expand.

In this context, the Nigerian government and Central Bank must demand compliance with globally accepted payment security protocols. If MasterCard and Visa cannot uphold these standards, it may be necessary to reassess their role within the Nigerian payment landscape and consider alternative partnerships that prioritize security and transparency.