The National Identity Management Commission (NIMC) has distanced itself from an identity data fraud scheme allegedly involving more than 12,000 Nigerian youths.
According to reports, these individuals are accused of selling personal identity details, including National Identification Numbers (NINs) and Bank Verification Numbers (BVNs), to fintech institutions for as little as ₦5,000.
The scam, first exposed by the Economic and Financial Crimes Commission (EFCC) last Friday, involves what the anti-graft agency describes as an “army” of canvassers soliciting data from unsuspecting citizens under false pretences.
In response, the Head, Corporate Communications, NIMC, Kayode Adegoke, denied any liability following the development, in a statement posted on its official Facebook page on Monday.
Understanding the Identity Data Fraud Scheme
In the statement, the NIMC revealed that the perpetrators reportedly roam communities across the country convincing Nigerians to exchange their sensitive data for token amounts.
The information harvested, including NIN slips, BVNs, passport photographs, and valid ID cards, is allegedly used to open multiple accounts with fintech firms. These accounts are then linked to investment scams, and other forms of digital fraud.
“The NIMC wishes to state clearly that it will not be held responsible for any personal information shared by an individual directly or by proxy for the purpose of financial gain or inducement,” it said.
The NIMC stressed that it has consistently warned Nigerians against sharing their NIN or related documents with unauthorised parties, adding that service providers must always verify NINs before granting access to any service.
“Nigerians have been informed repeatedly in the past by the NIMC not to disclose their NIN to any unauthorised individual or organisation,” it said.
Why It Matters
According to experts, the identity data fraud scheme exposes alarming gaps in Nigeria’s digital infrastructure and the rising exploitation of fintech platforms by fraud rings.
It also brings into focus the issue of digital literacy and the vulnerability of millions of Nigerians who may not fully understand the implications of sharing their personal data.
Fintech companies, often praised for their ease of onboarding and user-friendly interfaces, now face increased scrutiny over Know Your Customer (KYC) compliance.
If criminals can use real, stolen identities to create accounts and bypass due diligence protocols, it raises questions about data governance and accountability across the ecosystem, analysts said.
What Nigerians Should Do
In its advisory, the NIMC encouraged Nigerians to take greater control of their personal data by downloading the NINAuth App, available on both Apple iOS and Google Play Store.
It said the app is designed to allow users manage access to their NIN data securely and offers features such as:
- Controlled sharing of identity information
- Enhanced security and authentication
- Real-time verification of NIN-linked services
The Commission reiterated that any NIN used to access services must be duly verified to prevent abuse or impersonation.
What This Means Going Forward
Experts and industry leaders see the identity data fraud scheme as a wake-up call for Nigeria’s digital identity ecosystem.
Stakeholders argue that fintech platforms must adopt stricter KYC protocols and build more resilient data verification systems. There is also a call for regulators to re-examine guidelines and enforce more robust standards for digital identity access.
Across the board, digital economy leaders stress that without a fortified and citizen-centric identity framework, the risks to trust, innovation, and financial inclusion will continue to escalate.
Talking Points
This latest scandal involving thousands of stolen digital identities traded for as little as ₦5,000 signals a dangerous loophole in Nigeria’s fast-growing fintech space. It exposes just how easily innovation can be weaponised in the absence of robust user education and data governance.
At Techparley, we believe this case reflects a much deeper problem, one where digital access has outpaced digital literacy. The fact that entire communities were targeted and convinced to sell their NINs and BVNs shows how trust is being exploited at scale.
It’s no longer enough for fintech companies to rely on compliance checklists. What this moment demands is a complete rethink of KYC, where identity verification becomes adaptive, decentralised, and tamper-proof, especially for vulnerable populations.
For regulators, this should serve as a turning point. We need frameworks that don’t just penalise platforms after the fact but build protective layers into the system itself, with accountability baked in from the start.
The stakes are high. If fintech is to remain a trusted vehicle for financial inclusion, safeguarding digital identities must now become as urgent as scaling user acquisition.
