If you own a bank account — or anything vaguely financial like crypto or NFTs — then you run the risk of being taken in by scams. Except, apparently, if you happen to have a Bank Zero account. In that instance, you’re bulletproof. At least, that’s what the financial institution’s head Michael Jordaan says.
It’s a remarkable claim to make at a time when phishing around the world — and South Africa’s right up there with the best worst of them — is on the rise. But since the bank reckons it’s also experienced zero card fraud, it’s not that outlandish.
Bank Zero of the future?
Phishing is a greater deal than you might think. Recently South Africa’s Banking Ombud ruled that customers are liable for losses if they’re the ones who give up authentication details that result in them being robbed. In other words, if you’re caught by phishing, your bank doesn’t have any obligation to return that money. The stakes are higher for this particular scam these days.
Bank Zero CEO Yatin Narsa explains that there are a couple of ways that the bankless bank is able to stave off phishing. One of these is that all transactions are conducted via its app. This method is apparently less susceptible to keyloggers, which are a problem for those logging in via a desktop web browser. Secondly, only authorised devices can access an account. If another device tries, the user is matched against facial biometrics before any transactions can take place.
“It’s all about double checking that the person transacting is the authorised person for that account,” said Narsa. “Businesses small or large enjoy the same protection: staff acting on behalf of the business as Authorisers, Mandated Officials or Relationship Bankers do so under the same rules of biometrics and safe pairing. This means businesses are also protected against phishing, and are no longer exposed to ‘unknowns’ working on PCs and laptops that are vulnerable to key loggers and prone to failures from clumsy digital certificates.”
And then there’s a preponderance of notifications. Highly, highly detailed notifications. These might seem annoying, if you’re that sort of person, but when your Bank Zero account remains impenetrable it’s less of an issue.
“This comprehensive notification of all actions and transactions, including geolocation when they are risky, provides a high level of security. When it’s combined with the rigorous confirmation of the customer’s identity via facial biometrics, you get a system that is well-defended, even if the log-in details and so on have been divulged.”