The Central Bank of Nigeria (CBN) has introduced new rules that will require mobile banking applications in Nigeria to operate on only one device at a time, a move aimed at strengthening fraud prevention across the country’s fast-growing digital payments ecosystem.
“Mobile financial services applications shall only be enabled on one device at a time, and customers cannot operate the apps concurrently on multiple devices,” the CBN said in a circular issued to banks and payment service providers.
The directive was announced in a circular dated March 12, 2026, by the CBN’s Payments System Policy Department and signed by Musa I. Jimoh, Director of the department. The circular provides additional operational guidelines for instant payment services in Nigeria and introduces new security requirements for financial institutions.
Overall, the policy signals the regulator’s effort to tighten security controls in Nigeria’s digital banking ecosystem, where mobile apps have become the primary channel for financial transactions but are increasingly targeted by fraudsters.
The Problem: Digital Banking Fraud Is Rising in Nigeria
Nigeria has experienced rapid growth in digital payments over the past decade. Millions of people now rely on banking apps and mobile money platforms for transfers, bill payments, and online commerce. According to the Nigeria Inter-Bank Settlement System (NIBSS), electronic payment transactions in Nigeria rose to N284.9 trillion in the first quarter of 2025, reflecting one of the fastest-growing digital financial ecosystems in Africa.
However, this rapid digital expansion has also created new vulnerabilities for financial fraud.
Cybercriminals increasingly exploit weaknesses in mobile banking systems, including account takeovers, SIM swap attacks, phishing, and social engineering scams. In many cases, fraudsters gain access to customer credentials and then activate banking apps on new devices to transfer funds quickly before victims detect the breach.
Digital security and compliance companies like Prembly, are building open-source fraud intelligence bank designed to help financial institutions, fintechs, and businesses detect and prevent fraudulent activity across Africa. This is because banking apps can often be installed on multiple devices, criminals may exploit compromised credentials to operate accounts remotely without the customer’s knowledge.
The CBN’s new guidelines acknowledge these risks and introduce additional safeguards to reduce fraud within the instant payment ecosystem.
The Solution: Device Binding and Stronger Authentication
To address these vulnerabilities, the CBN has introduced a set of security enhancements for instant payment platforms and mobile financial services.
One of the most significant changes is mandatory device binding, which restricts banking apps to a single registered device per customer at any given time. If a customer attempts to migrate the app to another phone, the system must trigger automatic re-activation and authentication checks before access is granted.
The circular also introduces several other fraud-prevention measures:
Additional authentication for new devices: First-time login on a new device will require extra multi-factor authentication (MFA).
Transaction limits for newly activated apps: Newly activated mobile banking apps will face temporary transaction limits during the first 24 hours, capped at ₦20,000, to reduce the risk of immediate fraudulent transfers.
Enterprise fraud monitoring: Banks must deploy enterprise-level fraud monitoring systems capable of analyzing inflows and outflows to detect suspicious transactions.
Liveness verification for new accounts: Online account openings must include liveness checks and real-time verification with the BVN or NIN database to confirm user identity.
Additionally, in another circular, the Apex bank revelaed that bank customers can only change phone numbers attached to their BNV only once in a life time.
These measures form part of the minimum security standards for instant payment services in Nigeria, which banks must implement before the July 1, 2026 compliance deadline.
Why It Matters: Protecting Trust in Africa’s Digital Financial System
The success of digital banking in Nigeria depends heavily on public trust in the security of electronic payment systems.
Millions of Nigerians rely on mobile banking to send money, pay bills, and run small businesses. If fraud continues to grow unchecked, it could undermine confidence in digital payments and slow financial inclusion efforts.
By tightening authentication controls and limiting app access to one device at a time, the CBN aims to reduce the risk of unauthorized account access and fraudulent transfers.
Improved fraud prevention could also strengthen Nigeria’s fintech ecosystem, which includes hundreds of startups building payment platforms, digital wallets, and financial infrastructure.
For consumers, stronger safeguards mean better protection of savings and personal data. For businesses, it ensures that Nigeria’s digital economy can continue to grow without being undermined by rising cybercrime.