Evaluation Of Identity Access Management and Maintenance Frameworks on The Safety of Mobile Money Transactions Used by Fintechs In Nairobi, Kenya.

Abstract

Smartphone technology improved access to mobile money which enabled FinTech companies successfully deploy service systems bringing massive benefits to those with limited access to banking. Embracing its usage has many security issues and challenges and the need to evaluate identity access management and maintenance associated with the safety of mobile money transactions. A descriptive research design was used with the target population in Fintech companies. Data collection techniques used were primary data through questionnaires while secondary sources of data were document reviews, official documents, publications, journals, reports, and online repositories. SPSS software was used on both qualitative and quantitative data to grasp the intent and rate at which physical access to IT assets, remote access management, users and devices authentication, access permissions; how authorization and network security are managed. Statistical techniques such as percentages, correlation and regression analyses were used. Findings revealed that key security issues were identity theft, authentication attack, phishing attack, vishing attack, SMiShing attacks, personal identification number (PIN) sharing, and agent-driven fraud. The use of better access controls, customer awareness campaigns, agent training on acceptable practices, strict measures against fraudsters, and high-value mobile money transaction monitoring, were some recommendations given. This study helps mobile money operators, mobile money decision makers, and the government to identify and evaluate key security issues associated with the safety of mobile money transactions in Fintech companies and recommendations proposed to address security gaps.