The Central Bank of Nigeria (CBN) has issued a new directive that restricts the operation of mobile banking applications to a single device per customer. The policy, announced on Friday, means users will no longer be able to access the same banking app on two different phones or tablets at the same time .
The directive is contained in a circular sent to all banks, other financial institutions, and payment service providers. The document outlines additional security measures for instant payments in Nigeria .
Musa Jimoh, the CBN's Director of the Payments System Policy Department, signed the circular. It mandates what the central bank calls "mandatory device binding" for all mobile financial services apps .
"Mobile financial services applications (apps) shall only be enabled on one device at a time, and customers cannot operate the apps concurrently on multiple devices," the circular stated .
If a customer wants to move their banking app to a new phone, the system will require a fresh verification. The circular noted that migration to another device will trigger automatic re-activation and authentication processes .
The new rules also give customers more control over their instant payment services. Users will have the option to opt in or opt out of instant payment services at any time. The default setting for new customers will be opt-in .
When a customer chooses to opt out, they will not be able to perform online instant transfers from their account. In such cases, transfers can only be completed by visiting a bank branch in person .
The central bank has maintained existing maximum transaction limits of N25 million for individuals and N250 million for corporate accounts. However, customers can now adjust their limits within these thresholds, subject to their bank's risk assessment and due diligence .
To strengthen security, the CBN has introduced temporary transaction limits for newly activated banking apps. For the first 24 hours after activation, both new and existing accounts face a maximum transaction limit of N20,000 .
Financial institutions have the discretion to set lower limits based on their internal risk policies .
The circular also requires banks to implement enterprise fraud monitoring systems. These systems must monitor both inflows and outflows to detect and restrict suspicious transactions .
For online account opening or reactivation, the CBN has ordered stricter identity checks. Banks must conduct "liveliness checks" to confirm the physical presence of the person opening the account. All online account openings must also be validated in real time against the Bank Verification Number (BVN) and National Identity Number (NIN) databases .
Enhanced authentication methods such as multi-factor authentication, biometrics, and soft or hard tokens will be required for online account reactivation . Internet banking users logging into a new device for the first time will also need to complete additional multi-factor authentication steps .
The central bank described these measures as the minimum security standards required for instant payments in Nigeria. The provisions will take effect from July 1, 2026 .
Regulators view the new rules as part of broader efforts to protect customers from unauthorised access and fraudulent transactions as mobile banking continues to expand rapidly across Nigeria .