Background
The CBN’s (Central Bank of Nigeria) 2020 Guidelines on Operations of Electronic Payment Channels in Nigeria (the “Guidelines on Operation of Electronic Payment Channels”) regulate POS Terminal identification, configuration, certification and deployment in Nigeria.
The 2020 Guidelines on Operation of Electronic Payment Channels superseded the 2016 Guidelines on Operation of Electronic Payment Channels in Nigeria.
The Guidelines on Point of Sale (POS) Card Acceptance Services (2011) is not part of the legal regime for POS operations in Nigeria because the 2016 Guidelines on Operation of Electronic Payment Channels superseded the Guidelines on POS Card Acceptance Services, and Standards and Guidelines on ATM Operations in Nigeria.
Nigeria Inter-Bank Settlement System Plc (NIBSS), owned by all deposit-taking banks, warehouses Nigeria’s Terminal Management System (TMS) and is the sole Payment Terminal Service Aggregator (“PTSA”) for Nigeria’s payment terminal services. – NIBSS underscores the DMBs’ (deposit money banks) impact on payment and fintech infrastructure in Nigeria’s financial technology space.
The widespread perspective that Fintech disrupts financial services is proper only when we recognize the DMBs as critical stakeholders in the fintech infrastructures.
A Payment Terminal Service Provider (“PTSP”) interfaces with NIBSS, the PTSA, on POS (Point of Sale) identification, configuration and certification.
According to Investopedia, a POS Terminal or device is used to process payments or purchases. POS may be traditional POS or Andriod POS. A cash register is a POS as well.
NIBSS requires registration of any biometric payment device on its TMS. POS terminals identified on TMS enable routing payments on NIBSS’ national central switch and other payment switches.
A contactless payment is a POS terminal. Digital POS or downloadable POS application convert a mobile phone into a POS. Digital POS or downloadable POS applications differ from the Android POS, which is a POS that functions on the Android operating system but not on an Android smartphone.
POS Terminal Identification
Every POS Terminal in Nigeria has an assigned terminal ID (identification) number and the OEM (original equipment manufacturer) number. The acquirers (banks) give a terminal ID to the Fintech, usually a PSSs (Payment Solution Services), microfinance banks, MMOs (mobile money operators) and PSSPs (Payment Solution Service Providers), Merchants (all the “Merchant Acquirer”).
These are entities that the CBN permits to own POS. PTSPs (Payment Terminal Service Providers) configure, deploy, maintain and service POS devices in Nigeria’s Fintech sector.
POS Terminal Configuration
A PTSP ensures the registration of a POS terminal on NIBSS’ TMS. A PTAD (Payment Terminal Application Development) certification is per POS terminal registered on the TMS.
We commented on a PTSP’s licencing regime here. Specifically, a PTSP configures, deploys, maintains and services POS terminal for the Merchant Acquirers in Nigeria.
PTSPs earn a PTSP fee. Given the paucity of funding in Nigeria’s Fintech space, a PTSP readily shares its PTSP fees with Merchant Acquirers that could finance POS device purchases.
NIBSS is empowered to negotiate with any OEM for a discounted supply of POS devices to Nigerian operators. We are unaware that NIBSS has implemented the nationally negotiated discount supply of POS devices.
POS Identification and Fraud
POS terminal IDs are the unique identification number of each deployed POS device in Nigeria. In the event of fraud, the banks can identify the POS agents or retail shops to which the POS device is assigned.
In agency banking, the banks know the POS agent and the Merchant Acquirers. The Merchant Acquirers see the location of each POS device. POS terminals are rendered inactive after 30 days of no transaction.
Merchant Acquirers beat the curve by ensuring a functional POS terminal retrieval policy. Once a POS device is retrieved, the POS terminal ID is returned to a terminal docket and reassigned before the 30th day to avoid inactivity and redundancy.
Nigeria’s POS payment system reduces fraud. But debit cardholders compromise their ATM card sensitive details. Sometimes, insider or internal card-related scams occur in the financial system.
A cardholder, the card issuer, or corresponding banks may hot-list a debit (ATM) card in Nigeria. A trapped debit (ATM) card is disabled or hot-listed the business day in Nigeria.
Card Issuer is liable for fraud on hot-listed cards unless the cardholder contributed to the scam by compromising sensitive details such as card PAN (permanent account number) or the long number printed on your debit (ATM) card or the PIN.
Conclusion
Legal regimes for assets tracing arising from fintech frauds and fintech fraud investigations are cumbersome and cost intensive. It costs an average of one hundred thousand for the Nigeria Police to obtain a post-no-debit (PND) order or an order requesting the banks and Fintech to disclose consumers’ financial transaction data.
Indeed, the lifespan of such an application for disclosure of financial transaction date or post-no-debit (PND) order at the federal high court is one month to three months.
POS terminal identification, configuration, certification and deployment minimize fraud in Nigeria’s payment industry. Cardholders must treat card details and PIN as sensitive personal details.