fbpx

Public warned against lending apps

BY: Elizabeth Nyaadu Adu
Albert Antwi-Boasiako, Director-General, CSA

The Cyber Security Authority (CSA) has advised the public to desist from subscribing to mobile applications which are not sanctioned by the Bank of Ghana (BoG) and the Data Protection Agency.

It explained that it had received reports of cyberbullying experienced by users of digital lending mobile applications (Apps) which could be found on Google Play Store or may be shared as Android Package files (APK) via social media.

The commonly reported Apps in this scheme include FourCredy, FiCashX, 4Cedi, Aliloan, Boseapa, CediBoom, Cocoaloan, Mach Loan, Easy Loan and Onloan.

Interest rates

In a release issued in Accra yesterday, it said these Apps offered loans at varying interest rates and payment terms such that when subscribers defaulted in repayment, they were threatened by the owners of these digital lending Apps with their identities published as wanted persons or fraudsters on various social media platforms and to their contacts.

“In some cases, the App owners follow through with their threats. Some victims also reported that even though they had not taken such loans, they received the threat messages.

Individuals who patronise these services do so at their own risk. The public is further advised to review access permissions for mobile applications carefully before installing them,” the release said.

It said victims would typically have granted these Apps permissions during installation unknowingly or without proper scrutiny, to access their data and personal identifiable information (PII) such as name, phone number, Ghana card ID number, contacts and photo.

“A Bank of Ghana notice (BG/GOV/SEC/2022/10) states that it has not licensed any company to provide digital lending services of such nature to the public.

In addition, these digital lending Apps have not met the compliance obligations of the Data Protection Commission (DPC) and hence their access and use of the data and PII of users are in violation of the Data Protection Act, 2012 (Act 843),” it added.