Nigeria’s financial regulator, the Central Bank of Nigeria, is reportedly pushing banks to tighten security by allowing mobile banking apps to run on only one registered device per customer at a time.
The idea targets mobile apps only, not the entire banking system.
Here is how it would technically work.
When you install a banking app, the app automatically records a unique device identity from the phone. This can include the phone’s hardware ID, operating system signature, and security certificate. Banks already use these signals to recognize trusted devices.
Under a one-device rule, the bank’s system would store that device ID as the only approved phone for the mobile app. If someone tries to log in from another phone, the app would block access until the user verifies their identity and registers the new device.
This means the restriction would apply only to the mobile app itself.
Other banking channels use completely different systems, which is why they would still work:
• ATMs rely on debit cards and PIN codes
• Internet banking on computers uses web logins and authentication codes
• USSD banking works through telecom networks using short codes
• Bank branches verify customers physically with ID
Because these systems do not rely on a phone’s device ID, they are not affected by a mobile-app device limit.
However, experts say the rule could still create practical issues. People frequently change phones, repair devices, or use more than one phone, meaning banks would need systems to constantly re-authorize new devices.
Why this matters
Mobile banking apps are now one of the most widely used ways Nigerians transfer money and pay bills. Any restriction on device access could therefore affect millions of everyday transactions.
Sources: Nigerian banking and fintech reports discussing security measures tied to the Central Bank of Nigeria and device-based authentication used in mobile banking systems.
