BY SAM ALFAN.
A businessman has sued Safaricom accusing the telcos of negligence after losing about half-a million to fraudsters through sim-swap.
Abdi Zeila says Safaricom has failed to provide secure services to him and by its negligent or failure to discharge its duties diligently, he lost the money while on holiday in a neighbouring country.
He says he has been a customer for Safaricom for the past 20 years and wants the court to declare that Safaricom failed to securely process and control his personal data, exposing him to financial losses.
Abdi has also accused the Communication Authority of Kenya saying it has failed to exercise its regulatory mandate in a diligent manner by failing to hold Safaricom to account.
The businessman wants the court to compel Safaricom and the regulator to be jointly held liable for the loss of Sh495,651.
“The Plaintiff avers that as result of the Defendants’ pleaded failures, breaches, negligence, and violations, he incurred injury and losses and holds the Defendants jointly and severally liable,” he says in the petition.
As a result of the unauthorized sim-swap, Sh373,000 was withdrawn from his NCBA account, a Mobile bank loan of Sh66,640 drawn on his NCBA bank account, Sh24,000 M-Shwari loan, Sh20,000 drawn from his KCB Mobile loan and Sh12,000 overdrawn from Fuliza.
He reveals that on March 28 this year, a sim-swap was done on his Safaricom number without his authorization. At the time of the sim-card, he was on a roaming network outside Kenya and it was therefore not possible for him to avail himself and apply for a new sim or replacement sim-card.
He adds that having been on roaming network at the time, the Safaricom system was able to geo-locate him and confirm that the sim-swap request was not coming from him.
“I know this is possible because Safaricom has introduced geolocation facility to detect fraud in its system, for instance in M-pesa transactions where it is not possible to deposit money into an M-Pesa account that is not within the vicinity of the transaction M-pesa agent,” he says.
Abdi adds that after when he crossed into Kenya through Namanga border just after midday, he discovered that his Safaricom network was not functional and he immediately messaged Safaricom via direct message on its official Twitter handle.
Safaricom allegedly advised him to switch off his phone and remove the sim-card and re-insert and despite doing that network was not restored.
He tried to access his bank account for money and it was at that point he was not in position to transact on his mobile wallet on M-pesa and that is when he realized he was a victim of fraud on his bank account which incidentally was linked to his mobile phone sim-card for purposes of mobile banking a service offered by Safaricom in collaboration with NCBA.
He reported matter to Safaricom and police but no feedback from Safaricom for months. He adds that he hold Safaricom solely liable for the incurred loss.
Abdi adds that he is aware sim-swap is not possible unless someone has access to the Safaricom system and the targeted subscriber’s personal data required for purposes of effecting sim registration.
“As Safaricom demands that a subscriber presents themselves in person together with the original ID or such a transaction to occur, it was not possible in my case as I was out if the country and I had my original ID with me,” says Abdi
He further adds that only Safaricom can explain how new sim-card was created for his number while he was on a roaming network.