The Central Bank of Nigeria (CBN) has introduced new regulations aimed at strengthening the security of mobile banking and instant payment services, including a policy that restricts each banking application to a single device per customer.
The new directive, which takes effect on July 1, 2026, was contained in a circular issued to banks, financial institutions, and payment service providers by the apex bank’s Payments System Policy Department, and signed by its Director, Musa Jimoh.
Under the new framework, customers will no longer be able to operate the same mobile banking application on multiple devices simultaneously. Migration to a new device will automatically trigger re-activation and authentication procedures to confirm the user’s identity.
The CBN said the measure forms part of additional guidance for the operation of Instant Payments (IP) in Nigeria and is designed to reduce fraud risks and improve customer protection.
The guidelines also allow customers to opt in or opt out of instant payment services at any time. However, customers who opt out will be unable to carry out online transfers to other accounts during that period, although they can still visit bank branches to complete transactions. The opt-in or opt-out process will be subject to multi-factor authentication (MFA).
In addition, the apex bank maintained the maximum transaction limits for instant payments at ₦25 million for individuals and ₦250 million for corporate customers. Users may voluntarily adjust their limits, but such changes will be subject to enhanced due diligence, risk assessment, and customer consent through MFA.
To further combat fraud, the CBN directed all financial institutions to deploy enterprise fraud monitoring systems capable of tracking both inflows and outflows in real time to detect and block suspicious transactions.
The new rules also introduce stricter verification procedures for digital banking services. Online account openings and reactivations must now undergo real-time validation with Bank Verification Number (BVN) and National Identification Number (NIN) databases, alongside biometric authentication, liveliness checks, and other enhanced verification mechanisms.
For newly activated mobile banking apps, a temporary transaction cap of up to ₦20,000 will apply within the first 24 hours, whether the account is new or existing. Internet banking users logging in from a new device will also be required to complete additional multi-factor authentication.
According to the CBN, the measures represent the minimum standards for instant payment operations in Nigeria and form part of a broader push by the regulator to tighten controls in the financial sector and strengthen trust in digital banking systems.
