Exclusive: CBN targets six months for recertification of PoS terminals to fight fraud

The Central Bank of Nigeria (CBN) plans to recertify all active POS terminals across the country, two sources familiar with the conversation told TechCabal. Part of that process will include an update to issuing terminal identification numbers (TID) — a unique eight-digit identifier — and collecting information such as BVN and tax identification numbers from POS agents.

“This means you must request TID for each merchant with their details and wait for NIBSS to generate it before they can assign a terminal to that merchant,” one person familiar with the CBN’s plans said.

Before now, mobile money operators like Opay or Palmpay typically requested TIDs in bulk to assign terminals quickly, but recertification will mean acquirers (banks and mobile money operators) have to register each TID separately. Registration requires the provision of an address, BVN or Tax Identification Number (TIN), business name, and F1 Code of the acquiring bank.

The validation of a POS terminal delivered to a particular location would be handled by licenced Payment Terminal Service Providers (PTSPs) like Interswitch, ETOP, or CitiServe.

“Banks will typically select and map each terminal registration with a particular PTSP that sets it up, deploys, and continues to support the merchant. PTSPs are also the bridge to terminal procurement from the OEM as banks/acquirers were not allowed to engage directly with OEM for procurement,” a product manager at a fintech startup said.

While there is no timeline given by the CBN for the commencement of the recertification exercise, TechCabal learned that the Nigerian Interbank Settlement System (NIBSS) was mandated by the CBN to come up with a geofencing plan that ensures that terminals are not used outside the locations where they are registered. The terminals, once certified, can only be used in the location where it is deployed. If the POS terminal is used outside the address or location, NIBSS will disable it.

While the timeline of recertification is unclear, mobile money agents will be asked to provide additional information as part of their KYC to enable them to operate Tier-3 accounts. A Tier-3 account allows transactions of up to ₦1 million, and customers can hold up to ₦1 billion in deposits.

Before now, agents were allowed to operate any level of tiered accounts provided that proper KYC was done and necessary documentation was achieved. Tier-1 accounts are the most popular among agents because they require minimal documentation to open and operate. The recertification is likely to push agents towards operating more Tier-3 accounts.

The plan also mandates the audit of agents and review of their processes by acquirer banks, Super Agents, and MMOs to align with the proposed recertification program and beyond.

Mobile money operators who spoke to TechCabal on condition of anonymity said they are still trying to get clarification on some of the features of the certification exercise for POS terminals.