-->
Overview

PROBLEM STATEMENT

IDEAL:

The development of Fintech solutions is on the rise, providing innovative solutions to financial services customers in a way not hitherto possible by the incumbent. Users access these solutions through their mobile phones. However, the rise in fintech comes with a secondary risk of cybersecurity, leading to loss of funds by users in some instances and affecting trusts in fintech. To address the problem of cybersecurity in fintech, strong technical countermeasures have been deployed. Unfortunately, the usability of security mechanism by the users leads to some human element concerns. To address this, some usable security heuristic have been developed. This hackathon seeks to apply these heuristics in the design of Fintech solutions to reduce cybersecurity concerns in Fintech associated with the human element.

REALITY:

Globally, over 1.7b people do not have access to financial services. With a penetration of rate of 5.2b of which 4.2b have internet access and 68% are smart phones, the mobile phone is the realistic opportunity of providing financial services to the unbanked. In recognition of that, financial services providers have developed Mobile Financial Services solution to reach this segment or to provide an alternative channel for its existing customers. However, adoption has been slow due to cybersecurity concerns.

CONSEQUENCES:

  • New users remain at the risks of cybercrime
  • Adoption of Fintech amongst the unbanked is hindered by lack of trust due to cybercrime
  • Strong technical countermeasures have not eliminated these concerns
  • Usable security concerns lead to cybersecurity breaches in Fintech

PROPOSAL:

To address this problem, experts have developed and validated 12 heuristics. These heuristics when applied during the design of Fintech solutions will improve cybersecurity in Fintech through improving the usability of security controls of the solution. These heuristics include:

To address this problem, 12 heuristics have been developed and validated by experts. These heuristics when applied during the design of fintech solution will improve cybersecurity in fintech through improving the usability of security controls of the solution. These heuristics includes:

  1. Integrity: What usable secure controls should be put in place against unauthorized modification of transaction data, data protection and privacy?
  2. Proportionality: Not all users have the same knowledge level of the use of fintech, time to execute a transaction, cognitive ability and not all transaction types have the same level of sensitivity. What usable security controls should be designed into a solution to chatter for proportionality?
  3. Transparency: How do we ensure security controls and practices are comprehensible, verifiable and accessible for the user?
  4. Empowerment: How can users be enabled to express their systems security needs in the most efficient way? For example, customizing security preferences and reversing certain security choices
  5. Identity: How do we eensure that users can be uniquely identified and verified with a high level of assurance throughout a transaction life cycle?
  6. Reliability: What measures should be put in place to keep users informed of the status of their transactions throughout the life cycle of that transaction and not leave users guessing?
  7. User Support: How can users be enabled to be effective in using the system without adding additional cognitive workload on them?
  8. Accessibility: Ensure the system and security control do not discriminate against any user. For instance, how do we make security controls suitable for the visually impaired user?
  9. Authenticity: What controls can be put in place to help users differential rogue applications from real ones? And how does a user know from glancing at an app that it is secure just as it is currently possible on websites by SSL lock?
  10. Compliance: What controls can be put in place to provide the assurance that the security controls in a system complies with extant policies, guidelines?
  11. Alignment: How can a system ensure security mechanisms aligns with the usual flow of user activities, mental model and cognitive ability?
  12. Freedom: How can we ensure security mechanisms guarantee a certain degree of freedom to user.

Hackers are expected to come up with an innovative solution on how to apply any 3 of the twelve heuristics during the design and development of Fintech solutions.

VALUE:

The outcome of this effort will serve as a usable security guideline for developing Fintech solutions.

challenge-img
Reward

REWARDS

1st Prize: N750,000.00

2nd Prize: N400,000.00

3rd Prize: N200,000.00

PRIZE DETAILS

The prizes and awards to be awarded for the hackathon are as follows:
The Participants whose Entries are awarded the top three (3) highest scores by the judges will receive prize money. The Team Lead will collect the prize on behalf of his/her team members.

Sponsor will not replace any lost or stolen prizes. Sponsor will not be responsible for and/or open to complaints as regarding the sharing or non-sharing, hold or use of the prize money received by the team lead on behalf of his team. Winners are solely responsible for any and all federal, state, provincial and local taxes, if any, that apply to prizes. Approximate value of the prize: 1st – N750,000; 2nd – N400,000; 3rd – N200,000.

If a selected winner cannot be contacted, is ineligible, fails to claim a prize and/or where applicable an affidavit of eligibility and publicity/liability release is not timely received, is incomplete or modified, the prize maybe forfeited and an alternate winner will be selected from remaining valid, eligible entries timely submitted.

PARTICIPATION GUIDELINES

During this challenge, you will be required to come up with innovative ways to secure transactions on mobile applications to reduce cyber crime and other security related challenges that consumers face.

To participate in this challenge, kindly follow the guidelines below:

  • Form a team of 3 to 5 persons, your team should have at least one frontend, one backend and one cybersecurity and select a team lead
  • All team members join FSI if they are yet to do so (https://fsi.ng/members/signup/student)
  • Team lead registers team, accepts terms and conditions and invites team members to join.
  • Team members accept the terms and conditions governing the hackathon and are admitted to the team.
  • An email is received by the team with test details.
  • You are expected to use a minimum of 2 API end points during this challenge.

This is a two round challenge during the first round, you are expected to build a mobile app (MVP) that the consumer can use to do any two of the following:

    • Save money,
    • Remit money,
    • Transfer money,
    • and/or purchase goods & services.

Once you register, you can start working on your MVP based on your chosen use case using a minimum of two API end points on the SandBox

The deadline for submission for the first round is 11:59PM on Tuesday 26th October, 2021

Shortlisted candidates will be contacted to participate in the second round.

judges
Meet the thinkers and doers who are changing the world

Cybersecurity Innovation Challenge judges are visionaries, innovators and game changers. Hear from today's brightest minds in keynotes, roadmap sessions, Trends & Directions talks and and speaker chats.

Ifeanyi Jude Muonagor
Ifeanyichukwu Mbah
Edward Apeh
Ifeanyichukwu Mbah
IKECHUKWU ENYINNAYA OGUAMAH
Stephen Ambore
Assistant Director, Central Bank of Nigeria, Head Digital Financial Services
Stephen Ambore

Partners

Sponsors