Why Is Nigeria Stuck Using Card PINs on the Internet? A Fraudster’s Paradise, or Just a Case of Misguided Innovation?

Picture this: You’re online, ready to pay for something that caught your eye, maybe that shoe you’ll probably wear once or a flashy Ashebi you don’t need. You confidently enter your card details, and then the system cheerfully asks, “Enter your Card PIN.” If you’re in Nigeria or other parts of Africa, this might seem normal. But let me shock you: this is not just abnormal; it’s downright dangerous and madness.

Entering card PINs online? Suggest it in a boardroom, and you’d probably get laughed out faster than someone saying, 'Let’s bring back fax machines.'

And honestly, Visa and Mastercard finally catching up with dynamic OTPs for card-not-present transactions is like someone showing up fashionably late, only in this case, it's years late. Back in 2005, when I suggested this at the University of Liverpool, they were still parading around with static passwords in the name of '3D Secure' - or as I like to call it, '3D Vulnerability.' And don’t get me started on 'Mastercard Secure Code.' More like 'Mastercard inSecure Code,' am I right? LOL.

Using card PINs on the internet is a global no-no. Seriously, it’s not a thing. As for any valid defence from a payment service provider demanding PINs in a card-not-present environment? That’s about as defensible as showing up to a job interview in pyjamas.

So, the big question is: Why is it happening in Africa? Did someone wake up one day and think, “Hey, let’s make online payments less secure and easier for fraudsters”?

I am not laughing, I am furious with global payment giants Visa and Mastercard for not putting a stop to this madness. Visa and Mastercard have failed the Nigerian payment industry and every other African country where this is allowed. They know better but have turned a blind eye for far too long, prioritizing profits over security. Ouch.

The point is, Visa and Mastercard aren’t just middlemen connecting banks; they’re supposed to be the Beyoncé of payment systems , trendsetters, innovators, the ones you trust to keep your financial house in order. Instead, they’ve let this absurd practice continue, leaving people wide open to fraud.

Here’s how it works: Your card PIN is like the master key to your bank account. Once a fraudster has that, plus the other basic card details, they can pretty much clone your card and take your money faster than you can say “unauthorized transaction.” What’s left? You’re gone literally. Your card becomes a shared tool between you and a fraudster.

But let’s not blame Visa and Mastercard alone. Somewhere in the mix, there’s also a local lack of enforcement, innovation, or maybe just plain common sense. It’s as if no one is paying attention to what’s safe or not. They’re just winging it, and consumers are paying the price literally.

The solution? It’s simple, really: stop asking for card PINs in online transactions. Adopt global best practices like two-factor authentication and tokenization. It’s not rocket science, though even if, a doctor of information security, could probably handle that too.

In the meantime, Nigerians and other Africans using this flawed system should keep one eye on their bank accounts and the other on regulatory agencies. Because if we don’t demand change, who will?

So, here’s to hoping the powers-that-be finally wake up and realise that asking for card PINs online is not just bad practice - it’s an open invitation to fraudsters. Until then Hold on to your wallet of Bank account and pray.