When Abdulkadir Mustapha opened his POS business, Al-Barka Communication Centre, in Rijiyar Zaki, Ungogo Local Government Area of Kano State, he saw it as a way to earn a living while serving his community. He did not expect that within a short time, fraudsters would target his business.
“I have been targeted twice,” Mustapha says.
“The second time, they did a fake transaction and claimed the money had left their account. They said it was urgent, so I gave them the cash. After they left, the money never came.”
In many cases, fraudsters exploit delays or failures in Nigeria’s payment networks. They present POS agents with false debit alerts, manipulated receipts, or terminals that display ‘transaction approved’ without the agent’s account actually being credited. Under pressure to serve quickly, often amid queues, agents release cash before confirming settlement, only to discover later that no money was received.
For many POS agents across Kano, stories like Mustapha’s are no longer isolated incidents; they are becoming routine in Nigeria’s rapidly expanding digital payments ecosystem.
POS Agents as the Human Face of Nigeria’s DPI
Across Kano communities, POS agents now function as the de facto banking system, connecting residents to Nigeria’s payment DPI platforms powered by bank APIs, fintech apps, and the Nigeria Inter-Bank Settlement System (NIBSS) instant payments rails. Through them, government policy goals such as financial inclusion and cashless transactions reach the grassroots. But as Nigeria pushes financial inclusion through agent banking, agents at the bottom of the chain are increasingly absorbing the risks of digitalisation.
Mahmoud Labaran, a Kano-based cybersecurity expert, says this is largely because many agents “seriously lack cybersecurity knowledge,” noting that while some banks and fintechs have started training agents on security, gaps remain.
Fraud Against Agents, Not by Them
Contrary to narratives that portray POS outlets as tools for fraud against customers, WikkiTimes findings show that POS agents themselves are among the victims.
At Unguwar Wambai, Gwale LGA, Sulaiman Adam Abubakar, a POS operator of over six years, says fraud has become almost inevitable.
“If you are in this business, it is certain you will be scammed,” he says. “A customer once did a failed transaction and removed the receipt quickly. He claimed the money was deducted, so I gave him N20,000. After he left, I checked and saw the transaction had failed.”
In Kurna area of Dala LGA, Salisu Ibrahim, who had operated a POS business for less than a month, described how he was deceived by a fake approval alert.
“The terminal showed ‘transaction approved’, but my balance did not change,” he says
“That was how I lost my money.”
For Basiru Abbas, owner of Ibn Abba Drinks and Communication Centre, the losses have accumulated over time.
“I have been defrauded about four times,” he says. “One time, a customer changed N2,000 to N22,000 in my terminal. I entered my PIN without checking.”
Experts say these scams exploit transaction delays, weak agent onboarding, system downtimes, and the pressure on agents to serve customers quickly.
Ahmad Khalil, another cybersecurity expert, explaining why POS agents are a vulnerable point in Nigeria’s payment ecosystem, says “POS agents sit at the user interface of payments, handling cash, cards, and devices with limited technical and supervisory controls, making them an attractive, exposed attack surface for fraud, social-engineering, and terminal compromise.”
He highlights issues such as physical cash handling, informal operations, weak onboarding, cloned terminals, poor device hygiene, and slow dispute resolution as key factors contributing to agent vulnerability.
Beyond Digital Fraud: Physical Insecurity
The risks facing POS agents are not only digital. In Sabon Gari area, Fagge LGA, Musbahu Ibrahim Muhammad says he was robbed at gunpoint while returning home late at night.
“They intercepted me around 11 pm,” he says. “They took my POS terminal, money, and phone.”
Although he later reported the incident to the police and his service provider, deactivated the stolen terminal and issued a replacement, the cash loss was his alone to bear, he explains.
A Growing Threat to Trust in Digital Payments
Nigeria’s reliance on POS agents has deepened as the Central Bank of Nigeria (CBN) promotes cashless transactions. Recent revision by the apex bank to its cash policies, raising weekly withdrawal limits to N500,000 for individuals and integrating POS withdrawals into this cap have increased transaction volumes at agents locations.
While the policy aims to reduce cash-handling risks, analysts warn that it also increases operational risks at POS outlets, without necessarily strengthening agent protection.
Khalil notes that weak interoperability and slow reversal within payment amplifies cash exposure for agents, creating economic pressure that encourages unsafe practices.
He notes that when POS agents lose money repeatedly, the damage goes beyond individual livelihoods; it weakens confidence in the entire digital payments infrastructure.
OPay Responds: Measures to Protect Agents and Customers
One of the fintech operator with a physical presence in Kano says it is tightening protections around POS operations. An OPay staff member at the company’s Yahaya Gusau Road office in Kano, who requested anonymity because he was not authorized to speak publicly, told WikkiTimes that the company has intensified both agent education and transaction security to reduce fraud risks.
According to him, OPay now allows users to set transaction limits ranging from N100,000 to N300,000, after which additional verification is automatically triggered.
“Once the limit is reached, the system prompts facial biometric verification,” he said.
“If facial verification fails, an OTP is sent to the registered phone number for further authentication.”
He added that the company also uses its digital platforms to regularly educate customers and agents on emerging fraud tactics, stressing that POS agents are critical to financial inclusion and must be protected to sustain trust in digital payments.
Strengthening Terminal Security Through Geo-Tagging and Monitoring
In a bid to enhance the security and reliability of POS operations nationwide, the CBN recently mandated the geo-tagging and recertification of all payment terminals with the National Central Switch (NCS), aiming to ensure that devices are properly registered, monitored, and traceable.
To enforce this mandate, the NIBSS introduced the NCS Software Development Kit (SDK), a tool designed to track terminal locations, monitor usage, and improve compliance across financial networks.
Experts say these measures align with DPI principles of security and accountability as geo-tagging and real-time monitoring not only strengthen transaction security but also improve the operational efficiency of payment terminals nationwide, reducing risks of fraud, terminal compromise, and unauthorized usage.
Mahmoud Labaran, a Kano-based cybersecurity expert, believes such measures are crucial: “Tools like the NCS SDK enhance the security posture of terminals at all levels, ensuring that agents and financial institutions can better safeguard transactions against fraud and technical vulnerabilities.”
Regulation Tightens, Protection Remains Thin
Regulators have introduced new rules to bring order to the POS ecosystem. The Corporate Affairs Commission (CAC) now requires all POS operators to register their businesses before January 1, 2026, or risk being barred from operating.
The CBN has also rolled out Risk-Based Cybersecurity Framework, mandating encryption, two-factor authentication, and regular security audits for financial institutions.
Mahmoud Labaran adds that these measures “enhance security posture at all levels,” but the frontline agents often remain underprepared.
Beyond banking, the National Information Technology Development Agency (NITDA) oversees broader digital governance, enforcing data protection under the Nigeria Data Protection Regulation (NDPR) and sanctioning abuses. The Director-General, Kashifu Inuwa Abdullahi, highlighted Nigeria’s commitment to cybersecurity governance, presenting the National Cybersecurity Architecture and emphasizing the role of bank boards in countering financial cyber-attacks.
NITDA has also partnered with the Federal Competition and Consumer Protection Commission (FCCPC) to address abuse of personal data by money lending operators. Through joint enforcement and sanctions, such as the N10 million fine imposed on Soko Lending Company, regulators aim to reduce risks for consumers and strengthen data protection.
However, many POS agents say these regulations focus more on compliance and control than on protecting agents from losses.
“There is no clear protection for us when fraud happens,” saysSulaiman Adam Abubakar from Unguwar Wambai.
He added: “Once the money is gone, it is gone.”
Fintech Security Advances, the Last-Mile Gap and The Cost of Ignoring the Frontline
Fintech companies such as Moniepoint and OPay have introduced stronger security features, including multi-factor authentication, biometric verification, and USSD safeguards to protect accounts from unauthorized access.
They recently introduced mandatory multi-factor authentication for high-value transactions, combining biometrics and time-based passwords.
While experts acknowledge these improvements, they note that many frauds affecting POS agents occur before platform-level protections can intervene at the point where human judgement, speed, and system delays intersect.
Analysts warn that Nigeria’s DPI cannot be sustainable if its frontline operators remain exposed.
Low digital literacy, especially among new and rural agents, weak enforcement of cybercrime laws, and unclear liability frameworks leave POS agents vulnerable.
Khalil recommends comprehensive reforms at the agent, bank, and regulatory levels, including stronger onboarding, device hardening, faster reversals, agent insurance, and mandated incident reporting.
As Nigeria races toward a cashless economy, POS agents have become indispensable bridges between digital systems and everyday life. But for many of them, participation in the digital economy comes with personal financial risk and insecurity.
“If you stop being careful for just one minute, you lose your money,” Abdulkadir Mustapha, a POS operator, notes.
Without clearer protections, faster dispute resolution, and stronger agent-focused safeguards, experts warn that the people sustaining financial inclusion at the grassroots may eventually walk away, taking public trust in Nigeria’s digital payments system with them.
This report is produced under the DPI Africa Journalism Fellowship Programme of the Media Foundation for West Africa and Co-Develop.
