- Enforces Rigorous Security Vetting for Verification Agents
By Tolúlopé Olátúnjí
The National Identity Management Commission (NIMC) has disclosed that all its licensed verification agents, front-end partners, and diaspora partners will now undergo stringent security vetting to protect citizens’ data and prevent identity fraud.
In a statement on Saturday, NIMC Director-General, Abisoye Coker-Odusote highlighted the commission’s commitment to the security identities and adherence to global best practices in identity management.
According to the NIMC the new security measures aim to ensure all agents and partners meet regulatory standards, address insider threats, and prevent unauthorized access to the National Identity Database.
The commission further warned that partners who fail to comply with these protocols will face sanctions in accordance with established regulations and national laws.
Additionally, the Commission declared that law enforcement agencies have been empowered to target individuals involved in online phishing schemes which compromise citizens’ data.
“As part of these new security protocols, all Licensed Verification Agents, Front End Partners, and Diaspora FEPs will undergo rigorous security vetting to ensure adherence to global best practices in identity management. Any FEPs in violation will face sanctions under established regulations and the nation’s laws,” the statement read.
This development is coming against the background of reports by the NIMC that it has been beset with reports of fraudulent online platforms requesting Nigerians to submit their personal information for National Identification Number (NIN) modification or enrollment services. To mitigate abuse and rectify irregularities, the commission said it has temporarily suspended the bypass enrollment process.
It would be recalled that in March, a website, known as XpressVerify.com, was discovered to have unrestricted access to the NIMC database, selling digital identity numbers (NINs) full names, phone numbers, addresses, and photographs for 200 naira (US$0.13) per record.
According to the NIMC , the reported breach prompted investigations by regulatory authorities, including the Nigeria Data Protection Commission, which suspended the website’s domain and launched an inquiry into the matter.
Recall that Nigeria advanced its personal information security framework by enacting a comprehensive data protection law in 2023 after a prolonged legislative process.
