Software Universe http://www.softwareuniverse.co.ke/ is a mobile banking service provider that defrauds its banking clients.
This firm has deployed its mobile banking service platform called WAP-TX for a number of banks from tier 1 to tier 3 banks.
Unfortunately, some of the organization’s current and former staff have been running a fraud syndicate there they have been pilfering money from these banks via their mobile banking platform for several years.
They have defrauded at least 6 banks. Due to reputation risk, the said banks choose not to publicize the frauds but some opt to quietly terminate their contract with Software Universe and employ a new mobile banking vendor. Some banks still retain the vendor even after being defrauded. Since no defrauded bank pursues and prosecutes the vendor and fraudsters, the thieves operate with impunity and have stolen from banks repeatedly. Some of the fraudsters names are Dima Odhiambo, Wilson Wamutte and Stanford Momanyi and their photos are attached.
These criminals take advantage that their underlying program source code is encrypted and proprietary to program loopholes into their system that internal IT staff of banks have no access to and cannot detect.
They select the least busy time of the week ie Sunday midnight when few or no IT staff are in banks to carry out their heist. Their preferred method is to use their Mobile App platform that they set up for banks whereby using their malicious code they masquerade as genuine customers and perform mass Bank to M-Pesa transfers from several high net worth accounts into their M-Pesa accounts and pilfer millions of shillings in a single hacking attack.
This dubious vendor (firm owned by one crook Dan Mugo) has become very skilled in bribing IT Heads and internal fraud investigators of the banks he has defrauded not to prosecute him and his fraudsters.
Banks report these frauds to the Banking Fraud Investigation Unit where these cops are also greased to conduct shoddy, incomplete probes that never implicate the vendor (they victimize innocent internal IT staff of these banks) but are just as a formality to get insurance compensation. Thus the vendor and his fraudsters are never made accountable for their crimes and operate with impunity to defraud again and again.
It’s unfortunate that instead of the banks pursuing the vendor and prosecuting the fraudsters for compensation, they sack innocent internal bank ICT staff who had no access to the source code to prevent the theft so as to qualify for insurance compensation. Some of the banks that have been pilfered include Co-operative Bank, National Bank, Commercial Bank of Africa, Family Bank, Housing Finance, and Trans-National Bank. Some of these banks have even been defrauded more than once by the same vendor with no action taken against them.
Co-operative Bank, National Bank, Family Bank, and Trans-National Bank quietly terminated their contract with the vendor once they were defrauded but HF Group and NCBA still use the vendor despite being stolen from.
How can such a vendor still be allowed to operate and why are the crooks mentioned above not in jail??