Bayobab is a Platinum Sponsor at the 17th edition of Telecom Review Leaders’ Summit. In line with this, Telecom Review held an exclusive interview featuring Kedar Gupte, Bayobab's Chief Mobility Business Officer, where he emphasized the significance of a one-time-password and highlighted the collective responsibility of both the corporation and end-users in combatting fraud and safeguarding our digital presence.
Please Enter Your OTP
How many times have you been prompted to enter your one-time password (OTP) this year? You have probably lost count. An OTP allows for exclusive access to an account and minimizes the risk of account misuse. Unlike user-created passwords, OTPs are random characters which are usually challenging to remember and often have a time limit of 60 seconds or less.
A study commissioned by Electronics Hub, an electronics engineering organisation based in India, revealed that people across the globe spend an average of 6 hours and 37 minutes in front of screens – with South Africa being the country with the highest screen time, where users spend 58.2% of their day on a computer or mobile device. Japan, the third-largest economy in the world has the lowest screen time of 21.70%. For context, according to the Economist’s 1843 magazine, the average person is awake between 16.5 and 17.5 hours per day.
This increase in data consumption and penetration of smart devices presents various sophisticated identity fraud risks in Africa’s growing digital economy. The most obvious way to mitigate these risks is password protection, however recent cybercriminal behaviour has reinforced the need for companies, governments, and hyperscalers (Meta, Amazon, Google etc.) to double down on their user authentication needs. A recent paper published on Core notes found that passwords have dominated human-computer authentication for 50 years.
In the early 2010s, we began to witness the emergence of several online services such as Facebook, Google, and Twitter, deploying free smartphone applications to act as a second factor based on the emerging time-based-one-time-pad (TOTP) standard. Other services send codes via short message service (SMS) as a backup authentication mechanism.
A decade down the line, a very popular way to establish identity is to send a One Time Password (OTP) using an Application to Person (A2P) SMS text. This OTP is intrinsic to everything we, as users, can do on digital service platforms like Meta, Google, Amazon, Banks etc.
As companies like Bayobab advance secure communication platforms, cybercriminals persist in their efforts. This occurs amidst increased inter-regional travel across the continent, driven by initiatives like AfCFTA and expansions in the BRICS bloc.
Navigating Cybersecurity Threats Throughout the Authentication Process
To circumvent the layer of protection enabled by OTPs, rogue actors use numerous fraud techniques such as Man-in-the-Middle Attacks (MITM), where these actors intercept text messages and gain fraudulent account access. The fallout of such fraudulent activity can be as extreme as a life and death situation, or in many cases, account takeover of one’s banking, social media, or other online accounts.
To give context to the scale of the cybersecurity threat which lurks behind the authentication process, consider that Bayobab processes about 300 million SMS’ per month, working behind the scenes to ensure the highest levels of encryption are present to ensure that end users can communicate safely, from anywhere in the world. While this is testament to the confidence placed in the company by large hyperscalers such as Google and Meta, it illustrates the need to ensure that users are protected.
The Importance of Analyzing the Authentication Process
It is critical that users pay close attention to how their platforms authenticate them. A simple oversight into the delayed delivery of an SMS or non-delivery altogether can plunge a user into financial ruin. Consider the consequences that a simple oversight contributes towards.
Statistics from The Southern African Fraud Prevention Service (SAFPS) show that there has been a 600% increase in fraud incidents since 2018, as reported by companies in industries such as telecoms, automotive and financial services. INTERPOL also released a report in 2021, which gave South Africa the unwanted title of the cybercrime hub of Africa, as the country recorded over 230 million incidents that year. Globally, Ekata, a Mastercard data and verification company revealed that ecommerce fraud continues to increase, with losses reaching USD 41 billion in 2022 and predicted to exceed USD 48 billion in 2023.
Ensuring Customer Safety Through the Bayobab Communication Platform
The rising tide of cybersecurity risk requires companies to adopt different layers of protection over and above multifactor authentication. At Bayobab, we continue to use the Bayobab Communication Platforms to provide secure and reliable tools that ensure customer safety while also improving the customer experience. We work behind the scenes to ensure the highest levels of encryption so that end users can communicate safely from anywhere in the world. Through partnerships with mobile network and technology companies, we ensure customers can access secure services and are able to connect seamlessly across borders.
Eradicating Fraud and Bridging the Digital Divide
We want our customers and investors to remember that, at the core of what we do, there is a deep commitment to bridge the digital divide and drive socio-economic development in Africa. Leveraging our African heritage, we believe we are successfully navigating the terrain.
As part of our commitment to combating fraud, we have been recognized as one of the top 20 international carriers compliant with the GLF Code of Conduct in eradicating fraud. In revolutionizing the delivery of wholesale roaming services, we pride ourselves on being part of the highly accomplished Innovative Operators (IO) Executive Board which our CEO, Frédéric Schepens, chairs. Members who form part of the Executive Board have achieved full compliance with industry standards RAEX IR.21 and RAEX IOT, OpData. This demonstrates our shared commitment and dedication to providing reliable solutions for fixed connectivity, innovation and, most importantly, customer-centric solutions.