Cloning, Counterfeiting and Fraud in digital payments – what to know to stay safe

Rufaro Madamombe Avatar
bank cards with US dollars

The second topic being discussed at the Mobile money and Digital payments conference at Meikles hotel is discussing Cloning, Counterfeiting and Fraud in mobile money and digital payments. The discussion was kick started by a presentation from Jaqueline Malaba, the business development manager at Visa Card.

Her discussion touched on how digital payments are more accessible now since 4.9 Billion devices were reported to be connected in 2015. She also shared how it’s estimated that around 25 billion devices will be connected to the internet by 2020. The talk then progressed to show how security and innovation produce a complicated situation.

With the rise in the number of different payment methods people can use, how can people stay secure while transacting online? She shared some of the techniques that could be used, for example, not giving out too much personal information on social media and also not directly entering your card details online for transactions. A safer method according to her would be to use a different platform like PayPal and then link your card to that platform.

In this case, you’d then use your PayPal details to make an online payment and protect your card details. After her presentation, the panelists then started to discuss more on this topic and what things are happening within the digital payments ecosystem. Something that came out was the fact that very few people are aware of how things are happening when they transact using plastic or mobile money. Due to not having enough information, people can be hacked easily as they don’t know how to protect themselves.

The discussion then pointed out how our cards work, which methods are safer and how to increase safety. There are currently 2 types of cards that we are familiar with locally. The first one is the good old card with a black strip at the back which uses a magnetic strip for transactions. This type of debit card is not that safe as most of your information is stored on that strip and hackers can use devices called skimmers to obtain that information. After obtaining that information they can then sell it or use it to make fraud payments.

This vulnerability has been known worldwide for sometime and recently, we’ve started to see some local banks stopping to use such type of cards. The other type of card which is safer than the previous one is called an EMV card. It is the one that some local banks are migrating to as it uses a chip card technology to process payments. The chip is encrypted and thus hackers can’t easily steal your information or clone your card.

As the discussion went on, someone in the audience outlined that they once processed a payment using that card without actually having to enter their pin number. Just like what Jacqueline outlined earlier, innovation + security = complicated. Authur Matsaudza from Steward Bank, then explained how this was possible. In a nutshell, there are two types of transactions: card present transaction and card not present transaction.

The first one requires you to enter your pin while the other one can work without your pin. The second one can work without a pin because the card has a card number at the front and a second card verification value at the back. Using these two pieces of information, a transaction can be processed if they’re entered into a point of sale machine or online.

Upon these revelations, a suggestion given to stay safe when transacting was to use what the finance sector calls¬†3D authentication. This is when your bank, your card and the receiver’s bank work together to make sure that the transaction was authorized by you. So each time a transaction has to be processed, a one time pin has to be sent to you.

Other measures offered where to never give a waiter at a restaurant or anyone else your card for them to process the payment especially if you have the EMV card due to the reason outlined above. Banks still have to improve the safety of transacting online or even physically using their cards. More importantly, they should educate their customers on what can actually happen to make them vulnerable and how they can secure themselves.



  1. Anonymous

    You need to get your work proof-read by a peer Rufaro. There are number of punctuation mistakes and that just comes of as either being careless with your work or not so fluent in English.

    “This vulnerability has been known worldwide for sometimes and…”
    “After her presentation, The…”
    “Some thing that came…”

    1. Rufaro Madamombe

      Thanks hey… I will improve.

  2. Anonymous

    Interesting Insights

  3. Ash

    I have also heard of people who duplicate websites and this is how they still money
    You open a website of a company you know to make a payment but, when transacting you are redirecting to another website that looks exactly the same as the one you were using so you should be careful. The duplicate website is however easy to identify because the “URLs” usually have underscores”_” and numbers like 2, etc

2023 © Techzim All rights reserved. Hosted By Cloud Unboxed