Engineering
backResearch Presented by Prof Adeolu Afolabi at Moniepoint Research Talks, March 2026
Moniepoint Research Talks is our monthly engineering chat, where research meets practice. Each month, we host academics and senior engineering experts to share insights that help engineers build better systems, solve real-world problems, and advance their craft.
Introduction
The world of financial technology changes fast. In 2026, banks and payment apps use smart tools like AI and blockchain to keep money safe. Companies in Nigeria like Moniepoint, Kuda, and Flutterwave lead the way. They help people pay bills and get loans through mobile phones. Since everything is digital, these platforms must be very strong. If a digital platform has even one small hole, thieves can cause big trouble. Security is the most important part of any banking app today.
Who Uses Fintech?
To understand security, we must look at who uses these tools. There are four main groups in the fintech world. Each group needs protection from hackers.
Banks to Banks: This is where large banks use technology to communicate with other banks. It is called business-to-business or B2B.
Clients to Banks: This refers to a large company or client working with a bank.
Business-to-Consumer: This is when small businesses provide services to consumers.
Consumer-to-Business: This is the most common way regular people use apps to pay for goods and services.
Each group has different needs. A big bank needs to move millions of dollars safely. A small shop owner just needs to make sure their daily sales do not go missing. Because there are so many users, the risks are always growing.
Modern Cyber Threats in 2026
Thieves have become very smart by 2026. They no longer just guess passwords. They use high-tech tools to trick people. Here are the top threats facing users and banks today.
AI-Powered Phishing
Phishing is when a thief sends a fake message to steal your info. In 2026, they use AI to make these messages look perfect. They send texts on WhatsApp or SMS that look exactly like your bank’s official mail. Many people fall for these because they look so real. If a person does not know much about digital tools, they are at high risk.
Deepfake Voice Fraud
Thieves now use AI to copy voices. They can make a phone call sounding like a bank boss or a family member. They use this fake voice to ask for money or a password. This is why authentication is so important. Banks must check if the person on the phone is actually who they say they are. These attacks happen very fast, making them hard to stop.
Sleeper Account Fraud
Sometimes, people open a bank account and do not use it for months. These are called dormant or sleeper accounts. Criminals look for these quiet accounts. They use them to move stolen money around. It is a big blind spot for many computer systems.
SIM Swapping and OTP Theft
Your phone number is a key to your bank. In a SIM swap, a thief takes over your phone number. They then receive your One-Time Password (OTP) on their phone. With the OTP, they can reset your banking password and steal your money. This happens when phone companies have weak security.
KYC Farming
KYC stands for "Know Your Customer." Banks use ID cards to verify users. Thieves now use real ID cards to create many fake accounts. These are called mole accounts. They use these accounts to hide their tracks when they commit crimes.
Financial Losses and Challenges
Cybercrime costs a lot of money. In Nigeria, the numbers show how much is at stake. Even though we are getting better at stopping it, the attempts are still very high.
Year | Money Lost to Fraud (Naira) | Status |
2024 | 52.26 Billion | Very High |
2025 | 25.85 Billion | Decreasing |
The amount of money lost went down in 2025, but it is a lot. When people lose money, they stop trusting digital banks. This makes it harder for the country to grow its economy.
Regulatory Problems
The Central Bank of Nigeria (CBN) has new rules to stop these crimes. However, there are still many challenges. Sometimes it takes too long to get approval for new security tools. About 62.5% of the time, there are delays in getting site approvals. This slow pace helps the criminals stay ahead.
Common Financial Crimes to Watch
We must look at how criminals move money. They use several tricks to bypass the rules.
Online Money Laundering: Criminals use cryptocurrency to hide where their money came from. These funds are often hard for the bank to track.
Fake Loan Creation: Thieves use "synthetic identities." This is when they mix real and fake info to create a new person. They use this fake person to take out loans they never pay back.
Payment Fraud and Chargebacks: Some users lie and say they never bought an item. They get their money back, but the business loses out.
POS Malware: Software that attacks point-of-sale (POS) machines. It steals data when you swipe your card at a store.
The Layered Defence Plan
To stop these crimes, we need a layered plan. If one layer fails, the next one stops the thief. There are four main layers of security.
Physical Security: This protects the actual hardware and buildings. It uses tools like fingerprint scanners to let people in.
Network Security: This uses firewalls to block bad traffic. It keeps the internet's "pipes" safe.
Application Security: This protects the app or software itself. It makes sure the code has no holes.
Data Security: This involves encrypting the data. Even if a thief steals the data, they cannot read it without a special key.
Using all these layers makes the system hard to break. It creates a safety net for every transaction.
Using AI for Better Detection
Old computer systems use simple rules. For example, a rule might be "stop any payment over $5,000." But thieves know these rules. In 2026, we use Machine Learning (ML) to spot weird behaviour.
Supervised Learning
We train the computer by showing it what fraud looks like. It learns the difference between a good buyer and a thief. We use tools like Decision Trees and Support Vector Machines to label transactions.
Unsupervised Learning
This is even smarter. The computer looks for patterns on its own. It finds "outliers" or strange actions that do not fit the normal routine. It can find new types of fraud that we have never seen before.
Graph Neural Networks
This tool looks at how different accounts are connected. If ten different accounts are all sending money to one person in a strange way, the computer flags it. This helps stop big crime networks.
Behavioural Biometrics: The Future of Security
Passwords are not enough anymore. In 2026, we look at who you are and how you act. This is called behavioural biometrics.
The system can track:
- How fast you type on your phone.
- How much pressure you use on the touch screen.
- The way you move your computer mouse.
- The way you hold your phone or walk.
If a thief steals your phone and tries to use your app, the system will notice. They do not type like you. They do not hold the phone like you. The app will lock itself instantly. This is a very strong way to stop unauthorised users.
Better Security Strategies
Banks are moving away from old habits. They now use a "Zero Trust" model. This means the system trusts no one. Every single time someone tries to move money, the system checks their ID. It does not matter if they just logged in a minute ago.
Banks also use Red Teaming. This is when a team of good hackers tries to break into the bank. They find the weak spots before the bad guys do. This helps the bank fix problems early. They also scan their systems every day to find any new bugs.
The Human Side of Security
Technology is only half of the battle. People are the other half. Even the best AI cannot save a bank if an employee helps a thief. This is called an insider threat.
To stay safe, companies must:
Train Employees: Every worker must know how to spot a fake email.
Report Early: If something looks wrong, workers must say something right away.
Build Ethics: Workers need to have a strong sense of right and wrong.
Work Together: The tech and office teams must communicate with each other.
When everyone works together, the whole system becomes much safer.
Conclusion
Cybersecurity in 2026 is a constant battle. As thieves use AI to steal, banks must use AI to protect. A good security plan must have many layers. It needs to use physical locks, smart code, and careful data tracking. By using tools like Zero Trust and behavioural biometrics, we can stop fraud before it starts.
The goal is to create a safe place for everyone to use money. Nigeria's fintech world is growing fast. If we keep our systems strong and our people trained, we can build a future where everyone's money is safe. We must stay ready for new threats and keep improving our tools every day.
About the Speaker
Professor Adeolu O. Afolabi is a Professor of Information Security and E-Learning in the Department of Cyber Security at Ladoke Akintola University of Technology (LAUTECH).
He holds a PhD in Computer Science from Obafemi Awolowo University (OAU) and has built a distinguished career at the intersection of cybersecurity, research, and academia. With over 60 peer-reviewed publications and four textbooks to his name, he is a leading voice in information security research.
He is a member of several professional bodies, including the Computer Professionals Registration Council of Nigeria (MCPN), the Nigeria Computer Society (MNCS), and the International Association of Engineers (IAENG), and currently serves on the Governing Council of LAUTECH.
