It’s almost that time of the year again, folks. When South Africa falls victim to Black Friday mania and shoppers rush to stores (we hope not) to grab the best deals first.
You might recall that several banks fell victim to a cyber-attack during Black Friday 2019, which caused customers to experience delays and issues with transactions.
A “ransom note” was delivered via email to South African banks in what was described as a “multi-jurisdictional attack”, meaning that several countries were targeted. But there are other dangers to consider as well.
BLACK FRIDAY 2020 SAFETY CONCERNS
If you plan to head to the brick-n-mortar stores, retailers and businesses will have to implement social distancing protocols while also handling the influx of customers.
PayJustNow CEO Craig Newborn explains that Black Friday is the “best time of the year for consumers” to buy all those things we’ve been dreaming of all year. However, Newborn warns:
“I get shivers thinking about how dangerous it is going to be thrust amongst hordes of shoppers desperate to get their hands on their prize”.
It’s safe to assume that the bulk of shopping this year will take place online. While your chances of getting COVID-19 is significantly smaller, there’s another set of risks you should be concerned about.
ONLINE SHOPPING AND INSTANT EFT
There are several security measures in place to protect you when making instant EFT payments while shopping online, and you should be aware of these measures, as well as their limits.
Jason Viljoen, Head of FNB Digital Payments, spoke to iAfrica earlier this year and explained why South African consumers must be careful when using third-party online payment platforms.
“We encourage customers to enjoy the convenience of online purchases, but to be equally as cautious about the services they choose for digital payments. We remain committed to providing our customers with efficient and safe payment solutions while protecting them against being vulnerable to fraud. The recent announcement of our imminent innovative virtual card capability further highlights this commitment”.
1. TWO-FACTOR AUTHENTICATION
An instant EFT provider will also access your bank via the website in the same way you normally would. It should therefore inherit the security measures from the site.
With this in mind, the final step in the payment will always be secure two-factor authentication.
Should you not receive a notification to verify the transaction via OTP, USSD, or OTP in-app approval your account may have been compromised, and you must contact your bank immediately.
2. CI DSS COMPLIANCE STAMP
The site should display the PCI DSS (Payment Card Industry Data Security Standard) compliance stamp. This stamp applies to any company which accepts credit card payments.
It assures customers that the payment processor is storing the data securely on a PCI compliant host. The company should be utilizing industry-accepted standards and procedures when dealing with your personal information.
3. EV SSL CERTIFICATE
The site should also have an EV SSL certificate. This is basically an indication of the level of security on the site. Check for the green lock next to the URL and that the URL itself is green before making payment.
Before initiating payment, look for a disclaimer from the payment provider explaining their role in facilitating the payment. It should also include how your information is being protected.
4. THAWTE CERTIFICATION
The next thing to look for is the Thawte certificate. The Thawte certificate is essentially an indication that you’re visiting a safe site using a legitimate SSL certificate.
Be on the lookout for this stamp and that the date reflects the current date before proceeding with payment. Also, click the stamp to verify that the certificate is valid.
Source: The South African