By Opeoluwa Okudero 
As Nigeria expands its open banking ecosystem, the Central Bank of Nigeria (CBN) is urging financial institutions to fortify their cybersecurity defences or risk exposing customer data to hackers.
At the Q2 Regulators Forum of FintechNGR, CBN’s Director of Payment Systems Policy, Musa Jimoh, said financial service providers must be intentional about securing customer data as they integrate with open banking infrastructure.
“Open banking should not be an open door for cybercriminals,” Jimoh warned. “The security around APIs, data, and payment infrastructure must be airtight.”
Data Sharing Comes with Responsibility
Open banking allows third-party financial service providers—like fintech apps—to access user financial data from banks through APIs, but only with user consent. While this is expected to drive innovation in financial services, it also raises the stakes for cybersecurity.
Jimoh stressed the importance of customer awareness, warning banks and fintechs to proactively educate users. The risk, he said, lies not just in technical vulnerabilities but also in social engineering tactics—where scammers could impersonate open banking services to steal user credentials or PINs.
“We don’t want cybercriminals tricking people into thinking they need to send a PIN to enroll,” Jimoh added.
He also highlighted the importance of simplifying consent processes and ensuring users clearly understand what data they are sharing and why.
CBN Moves to Standardise API Interactions
To further safeguard the ecosystem, the CBN is developing a standardised API framework to ensure uniformity across all banks and third-party services.
“The way one bank allows a fintech to check account balance should be the same across others. This simplifies integration and enhances security,” said Jimoh.
This move is expected to reduce fragmentation in the financial ecosystem and ease onboarding for fintech startups—while ensuring data handling remains compliant and traceable.
Why This Matters
Nigeria was the first African country to implement open banking regulations, with the CBN releasing its operational guidelines in March 2023. As adoption grows, the real test lies in building public trust—especially among users unfamiliar with how open banking works.
A data breach or phishing campaign could quickly undermine the progress made, particularly for small businesses and low-income users who are beginning to benefit from personalised credit, budgeting, and investment tools built on shared data access.
With the rise of fraud cases across digital platforms, CBN’s latest caution is both timely and necessary: innovation can’t come at the cost of security.
Leave feedback about this