Avoiding Instant EFT Risks
In 2020, e-commerce in South Africa spiked by 66%, driven by COVID-19-induced lockdowns and a drop in brick-and-mortar retail sales[i]. This increase was accompanied by an upsurge in the use of instant Electronic Funds Transfer (EFT) payments. Towards the end of last year however, the SA Reserve Bank, Payment Association of South Africa (PASA), and Financial Sector Conduct Authority (FSCA) issued a joint statement warning consumers to be aware of the risks associated with this payment method, particularly the use of screen scraping, “which makes it possible for third parties to access bank account data and automate actions on behalf of a consumer using that consumer’s online banking access credentials”. The statement went on to detail some of these risks such as the potential for fraud and financial crime as well as data privacy issues. One of the big four banks recently noted that there are also significant risks for the businesses themselves that sign over their banking and client information to a third party. So, how can South African consumers and businesses continue to use instant EFT in a safe way?
Francois Hamer, Business Development Lead at Pay@  – a leading payment aggregator and provider of secure payment solutions – shares that while screen scraping is actually a common technology that has been used for a number of years, dealing with trustworthy third parties is paramount. “I would advise both businesses and consumers to do their homework when it comes to instant EFT providers and to check things like their longevity in the market, size of their payment network, and the kinds of clients they service.”
He continues by saying that the security of the site in which the transaction occurs is also key. “Additionally, all communication must be encrypted as this makes it difficult for hackers to infiltrate the system.”
Hamer adds that service providers should ensure that data is not stored, and that any information inputted is masked. “This helps to prevent the possibility of fraud and is a must now with the Protection of Personal Information Act coming into effect.”
Over and above this, he notes that payment providers should strive for zero misallocated payments. “When Pay@ first started working with instant EFTs as a mechanism for bill payments four years ago, we picked up that there was a misallocated payments issue in instant EFTs for certain transaction use cases. Pay@ has continued its track record of a near zero percent error rate in terms of our transaction processing through working closely with EFTSecure to eradicate this issue. Even though we’ve seen sharp increases in volumes processed, Pay@ has not experienced any misallocated payments.”
“I believe that if all these criteria are met, businesses and consumers will benefit enormously from instant EFT,” says the Business Development Lead. “Open Banking APIs are the future, and it will be beneficial for Instant EFT payment services and banks to collaborate on open banking solutions. Pay@ is working closely with both to provide a world class payment experience.”
Melissa Nield, Senior Collections Specialist at 1Life shares: “In line with the increasing digital adoption within the industry, our clients required a product that offers an easy and secure way to make payments. We can now provide them with the ability to execute a payment at any time of the day, with the knowledge that it has been safely received. By using the instant EFT option, they can securely and confidently pay without the uncertainty of other payment links. This has increased the arsenal of secure payment options we can offer our clients and has also contributed greatly towards positive payment results in a difficult economic environment.”