Research Article

A comprehensive analysis on the implementation of Multifactor Authentication for online banking systems in Nigeria

Abstract

Nigeria’s banking sector has grown rapidly through digital transformation, but this growth has also brought more cybersecurity threats. Because of this, multifactor authentication (MFA) has become an essential layer of protection. This study looked at how major Nigerian banks use MFA by evaluating them with four measures—SMSS, ISI, FDS, and OWS— based on regulatory information and a structured scoring system. The findings show a clear divide: bigger banks like Access, Zenith, and GTBank use stronger authentication methods such as biometrics and hardware tokens, while many smaller banks still depend mainly on simple SMS or email codes. Overall, the banks were grouped into top, mid, and low adopters, highlighting that MFA usage across the sector is still uneven. This research adds to existing knowledge by offering a focused look at MFA in Nigerian online banking, an area that has not been studied as much compared to developed countries. It also introduces the Security Mechanism Strength Score (SMSS) as a new way to evaluate MFA readiness, ranking banks into Low, Mid, and Top Tiers. These insights are useful for regulators, policymakers, and researchers, and they emphasize the broader importance of secure digital banking for society.