ABSTRACT

Nowadays human beings frequently need to transfer coins from one account to another. In
such instances they want to visit bank or look for computer linked to net to get get admission
to to the services supplied with the aid of net banking for reliable fund switch. This system
proves to be without a doubt beneficial in such cases. As with the assist of this device the
user just needs to enter the account information. For security, DES algorithm is used together
with immediately verification and consistency check algorithm. These types of are performed
for secure electronic fund transfer. For this reason a person just wishes to visit any EFT
center, so that you can make the price. The transfer is done instantly the use of a single
portable card. In this manner the user can make the fee securely as this device uses DES for
protection and the switch is being accomplished right away. As quickly as the consumer card
is scanned, it gets a SMS message. SMS includes OTP that's particular. All of the person
needs to do is enter this OTP received which will increase stage of protection. After OTP the
person needs to go into account info. This information is being encrypted using DES earlier
than sending it over the community. Consequently this gadget guarantees safety for electronic
fund transfer the usage of DES. Current economic establishments have cashed in at the
electronic business possibilities of the internet by using growing severe fee systems to satisfy
diverse price provider requirements. Advanced computer structures and Telecommunications
generation are being used to provide fast, handy, and cozy approaches to conduct financial
transactions at carrier and protection stages which can be infrequently or never executed
through traditional charge systems. On this paper, we examine the characteristic and
operation drift of the electronic budget transfer manner as well as its security manipulate
mechanism. To evaluate Telecommunication and information protection techniques, a
widespread-main inter-bank price system known as the Society for International Inter-bank
financial Telecommunications system is delivered. Some crucial safety capabilities are
investigated in element.

1
 TABLE OF CONTENTS

1 INTRODUCTION………………………………………………………………………..4

2 LITERATURE SURVEY………………………………………………………………..7

3 PROPOSED ARCHITECTURE………………………………………………………..9

4 IMPLIMENTATION…………………………………………………………………….11
4.1 Sender Bank Process Using DES algorithm
4.2 Recipient Bank Process Using DES algorithm

5 METHODOLOGY…………………………………….................................................13
5.1 Definitions
5.1.1 Electronic Funds Transfer Using DES algorithm
5.1.2 Payment Instruments
5.1.3Consumer
5.1.4 Payment Instrument Issuers
5.2 Regulation of EFT and Consumer Protection Using DES algorithm
5.2.1 General
5.2.2 Ethiopian Laws

6 TERMS AND CONDITIONS OF PAYMENT INSTRUMENTS.................................24

6.1 Duty of Disclosure
6.1.1 Requirement of Clarity
6.1.2 Non-Discrimination
6.1.3 Time of Disclosure
6.2 Authority of the National Bank of Ethiopia
6.2.1 Legislative Authority
6.2.2 Approval of Terms and Conditions
6.3 Terms and Conditions of CBE
6.3.1. Amendment of Terms and Conditions

2
6.3.2. Duty of Documentation
6.3.3. Bank Error in Records and Accounts
6.3.4. Fees
6.3.5. Duty of Cardholders
6.3.6. Liability of Cardholders

7 LIABILITY OF CONSUMERS EFT TRANSACTION…………………………......35

7.1. Authorized v. Unauthorized Transactions Using DES algorithm
7.2. Liability of Consumers
7.3 Unlimited Liability of Consumers- CBE’s Terms and Conditions
7.4 Limited Liability of Consumers.
7.5 Authorization of Transactions
7.5 Limitations of the Liability Regime of CBE Using DES algorithm

CONCLUSIONAND RECOMMENDATIONS….………………………………………46
TABLE OF REFERENCE…………………………………………………………………48
ANNEX……………………………………………………………………………………..49

3
 INTRODUCTION

Every day billions of bucks are transferred electronically between establishments and
individuals in electronic price range switch (EFT) structures. EFT systems’ transactions can't
be processed securely until user identities may be proven and the perfect transmission of
messages between machine nodes may be confident. Statistics protection is considered one of
the maximum critical issues in nowadays aggressive digital economic system. Net technology
provides an fantastic infrastructure for digital facts interchange (EDI), direct marketing, and
statistics retrieval. Particularly, electronic banking and financial services have substantial
boom capability thru the net. A number of the most vital security problems contain electronic
money and virtual coins. As increasingly more agencies bounce onto the statistics
superhighway with interactive net web sites, facts safety turns into an vital issue in digital
financial system.

Cryptography is the technological know-how of protecting the privateers of information at

some stage in communication below adverse situations. In the gift technology of statistics
generation and proliferating computer network communications, cryptography assumes
special importance. Cryptography is now routinely used to guard statistics, which must be
communicated and/or saved over long periods, to shield digital fund transfers and categorised
communications. Cutting-edge cryptographic techniques are primarily based on number
theoretic or algebraic principles. Chaos is every other paradigm, which appears promising.
Chaos is an offshoot from the field of nonlinear dynamics and has been extensively studied.

A huge range of programs in actual systems, each guy-made and herbal, are being
investigated the use of this novel approach of nonlinear dynamics. The chaotic conduct is a
subtle conduct of a nonlinear device, which reputedly appears random. But, this randomness
has no stochastic foundation. It is only as a consequence of the defining deterministic
strategies. The crucial characteristics of chaos are its excessive sensitivity to initial situations
of the gadget.

Safety way the protection of the integrity of digital price range transfer (EFT) structures and
their facts from illegal or unauthorized get admission to and use. Even though the loss in step

4
with robbery seems to be greater than for paper-primarily based payment structures, there is
no real proof that EFT systems thus far have ended in a higher than common crime fee. Why,
then, is the safety of EFT systems an essential public difficulty and probably a primary policy
trouble? In comparison within different fee structures, EFT appears to have a few extra
vulnerabilities:

 EFT structures have many factors of get entry to where transactions may be affected
in unauthorized ways because of direct purchaser involvement with the dynamics of
the systems, using telecommunication strains, and the ways wherein facts are
aggregated and transmitted among and among web sites and establishments.
 Finances may be removed in foreign money almost immediately without overview of
individual transactions by means of officials. Due to the varieties of records recorded
and the manner it's miles aggregated, EFT facts have an economic value above and
beyond the cost of the funds, and subsequently provide another supply of temptation,
 It's miles viable, in principle, for large banks of statistics to be destroyed via faraway
dealers, growing the possibility for maliciousness, extortion, blackmail, or terrorism.
 EFT crime presents a sporting detail, or highbrow task, to a few people that is perhaps
as engaging as the possibility for monetary benefit.
 EFT crime is regularly hard to discover because finances/statistics may be eliminated
or manipulated by means of instructions hidden in complex laptop software; the
dynamics of the crook movement can be understood handiest through a few
specialists in the group.
 EFT crime is poorly said because publicity may additionally draw attention to ways of
attacking the integrity of the EFT device, can also supply groups a bad public photo,
or can also even increase coverage premiums.
 Current law may not be absolutely adequate or suitable for prosecuting EFT crimes.
High diploma of security is mainly crucial to the future improvement and use of EFT
due to the fact this is a pretty new era this is hard a lot older and properly hooked up
price systems. Consequently, it's miles mainly depending on the confidence of the
general public.
 The failure to advantage and maintain the confidence of character and organizational
customers during this era of rapid improvement may want to in the long run
undermine the stability of monetary establishments which have already heavily
devoted themselves to EFT structures and practices. With introduction of electronic

5
price range switch, customers are now able to use price instruments that replace cash.
Presently, maximum Ethiopian banks issue VISA electron debit cards. Using debit
playing cards, customers can withdraw money from ATM each time of the day and
make payments at point Of Sale (hereinafter “POS”) terminals for services or goods
provided via merchants. Comparable offerings are available for VISA and credit card
cardholders from different countries.

Digital finances transfer with the usage of payment devices such as debit card
diminishes the dangers of loss or robbery that are enormously commonplace with the
usage of coins. Furthermore, it's miles Handy to carry and use a card rather than a
massive amount of cash. It's far additionally argued that modern payment gadget
whereby budget are transferred electronically is a key aspect to amplify banking
services to most of the people of unbanked Ethiopians principally due to the fact
economic establishments do not want to open workplaces and make investments
heavily with the intention to provide a banking carrier in the other hand, green and
comfy charge machine allows the financial rules of the government to reach the
economy without difficulty and foster investment boom and country wide saving
these are a number of the advantages of EFT.

6
 2. LITERATURE REVIEW

C.H.Meyer, S.M.Mat.Yas (2015)mentioned the private verification tactics at distinct

institutions in an interchange surroundings are isolated from each other. It's far assumed that
most effective statistics stored on the financial institution card and data remembered by using
a sys–tern person are employed for non-public verification. It's far proven that simplest via
the usage of a mystery Amount saved at the bank card will the set of required criteria be
satisfied. With a non-public key, the same diploma of isolation can be achieved for
authentication of transaction request messages sent from the entry factor to the problems.

Dan Zhu (2012) analysed approximately modern-day financial institutions have cashed in at
the digital business opportunities of the net by way of developing numerous price structures
to satisfy numerous fee provider requirements. On this paper, we have a look at the function
and operation flow of the electronic funds transfer technique as well as its protection
manipulate mechanism. To evaluate telecommunication and statistics protection strategies, a
standard-main inter-financial institution payment machine called the Society for worldwide
Inter-financial institution monetary Telecommunications device is brought. Some crucial
safety capabilities are investigated in element.

Mintu Philip, Asha Das(2011) Chaotic Encryption approach seems to be a good deal better
than conventional encryption techniques used today. Chaotic encryption is the new path of
cryptography. It uses chaotic device residences together with touchy to initial situation and
loss of statistics. Many chaos-based encryption methods were supplied and discussed in the
closing too many years. As a way to reach higher overall performance, these methods take
benefit of the an increasing number of complex behaviour of chaotic alerts. Mohammed
AbudallahMdAysan, Fareed Hassan Almalki, Abdullah Mohammed Almalki (2014) this
paper proposes a symmetric key cryptosystem based totally on the easy mathematical
logarithm characteristic.

The proposed device benefits from the algebraic homes of log consisting of non-
commutative, excessive computational speed and high flexibility in selecting keys which

7
make the Discrete Logarithm trouble. Additionally the encrypted text converted into binary
numbers to make more difficult to recognize by the backer. This approach could be suitable
in any enterprise house, authorities sectors, conversation network, defence network device,
sensor networks and so on.

Figure 1. A Sample Swift Payment Message

8
 3. PROPOSED ARCHITECTURE

Digital Fund switch essential for the centre East united states, in mainly Saudi. Greater than
7.Five million expatriate running in Saudi Arabia. Our proposed model enables transactions
among clients with the help of banks or other third parties centre. This Electronic Fund
transfer device is at ease and convenient opportunity to payments and bank transaction.
Electronic Fund transfer is transferred right away from one vicinity to every other Within
fraction of second the recipient can accumulate the money right now. Therefore, electronic
Fund transfer transactions commonly require no remote authorization or non-public
identification quantity (PIN) codes on the point of sale.

Figure 2: EFT system model

9
How a typical e-cash machine works: A Banker or seller symptoms up with one of the taking
part banks or economic establishments. The seller gets specific software to put in on his or
her computer. Then the transaction method described in determine.1 model transaction
between events Mr.A and Mr.B The primary man or woman wants to switch the cash to
other person, though he processes X-bank or local vendor, the seller or Banker processing
Mr.A request and presenting secret or symmetric key. Also X-financial institution switch
Cipher textual content through web application to Y-bank. On the equal time Mr.A sending
secret key to Mr.B through secured channel. Then Mr.B technique to the Y-financial
institution to pay the money, Y-bank verifies the message with secret key and switch money
to Mr. B.

Figure 3. A method of funds transfer to conduct payment

10
 4. IMPLEMENTATION

Digital budget transfer is one of the oldest digital price systems. EFT is the foundation of the
coins-less and check-less lifestyle in which and paper bills, assessments, envelopes, stamps
are removed. EFT is used for transferring cash from one bank account directly to any other
with none paper cash converting palms. EFT is taken into consideration to be a safe, reliable,
and handy way to behaviour enterprise and transfer the money.

The implementation program allows the seller or banker to install “electronic fund switch” to
his or her computing device. The software manages the secret key. The seller software
generates a coins transaction with our new proposed set of rules and mystery key furnished to
the sender. The sender transfers the secret key to the recipient for attraction the cash in his
Vacation spot place. Recipient banker verifies the name of the game message with key and
offers the coins to the recipient.

4.1. Sender Bank Process Using DES algorithm

Here, we have taken some instance of shifting money 5432 Saudi Riyal. As in step with the
integer fee five is 32, 4 is 31 and so forth (A-Z=1 to 26,0-nine is 27 to 36). Then we select
random Logarithm as a mystery key and converting fee to binary digits is cipher textual
content message switch to the recipient and secret key given to the sender. The entire sender
bank procedure cited in the following desk.

11
 Table 1.Moneysending process

4.2. Recipient Bank Process Using DES algorithm

While the recipient claims his cash with the secret key, we confirm the binary digits and
convert into integer value with secret key. The system of recipient claim stated in the desk
no.2.

Table 2. Payment verification process

12
 Figure 3. Modified SWIFT network

5. METHODOLOGY

On this chapter terms and ideas associated with the problem depend of the thesis are
described usually on the premise of Ethiopian legal guidelines. But, definitions of different
jurisdictions are employed to complicate a few phrases. Moreover, the main legal units of
Ethiopia that regulate an EFT agreement among a client and a bank are outlined.
Additionally, justifications for purchaser protection in EFT alongside the methods
accompanied by some jurisdictions are drawn.

5.1. Definitions

5.1.1. Electronic Fund Transfer Using DES algorithm

Fund transfers or payments are broadly defined to include non-cash bills to third parties, cash
withdrawals, and transfers from one account to every other. Four Article 2(13) of the
countrywide charge gadget Proclamation (hereinafter the “Proclamation” or the “NPSP”)

13
defines finances transfer as “a means of any switch of finances either representing an order of
charge or switch of cash, that's initiated through way of practise, authorization or order to a
monetary institution to debit or credit score an account maintained with that economic
institution and includes POS transfers, ATM transactions, direct deposits or withdrawal of
finances, switch initiated by means of cell phone, internet, card or different devices”.
Lamentably, the Proclamation fails to especially outline digital Fund switch. There are not
any different laws of Ethiopia that outline EFT either. As a end result, inn to literature and
legal guidelines of different international locations that outline EFT is important. Usually,
there are types of EFT namely non consumer activated EFTs also known as interbank transfer
of budget and patron activated EFTs by way of personal account holders of banks.5Electronic
price range switch in the U.S. Is described as “switch of finances initiated through an digital
terminal, smartphone, laptop such as on-line banking or magnetic tape for the motive of
ordering, educating, or authorizing a monetary institution to debit or credit score a
consumer’s account and can include but not restricted to POS transfers, ATM transfers, direct
deposits or withdrawal of funds, transfers initiated via phone, and transfers on account of
debit card transactions, whether or no longer initiated thru an digital terminal”. This
definition of EFT is more or much less comparable with the ‘price range switch’ definition
furnished by way of the Proclamation. Subsequently, although the Proclamation Fails to
outline EFT especially, its definition of ‘budget switch’ contains the principle idea and
techniques of EFT. Consequently, EFT within the context of the Proclamation can be defined
as an electronic funds transfer initiated by way of education, authorization or order to a
financial group to debit or credit an account maintained with that financial institution which
is began by telephone, net or card and includes POS transfers and ATM transactions.

Here is a precis of EFT transaction procedure. For every EFT transaction, the sender’s
commands are typically authenticated by an get right of entry to tool consisting of a secret
code or private identity range (hereinafter “PIN”), both alone or extra typically in conjunction
with a bodily device, such as a card, which is inserted at a terminal.7 to place it in a context, a
debit card transaction at a POS terminal with using a PIN code is first authenticated with the
aid of keying inside the PIN after which legal via confirmation of the transaction and
initiating the web approval by means of pressing the ‘good enough’ key. Eight price range are
as a consequence, transferred electronically from the account of the payer to the payee.

5.1.2. Payment Instruments

14
The Proclamation defines charge instrument as “any instrument whether tangible or
intangible that allows someone to reap money, goods or provider or to otherwise make price
or switch money inclusive of cheque, drafts and playing cards”. Consequently, charge
contraptions can be used to attain money, make charge or transfer money. The national bank
is permitted to designate charge gadgets that can be issued and decide the situations,
obstacles and requirements for his or her issuance.

According to the definition above, cards are one sort of payment gadgets. A card is described
as any card or other tool, including a code or some other manner of access to an account that
may be used on occasion to reap or deposit cash or to make fee and includes debit, credit and
saved cost cards. Hence, playing cards can be used to achieve or deposit cash or to make
bills. Whereas no definition of both debit or credit score cards is furnished, a stored price card
is described as a pay as you go card in which the file of finances can be accelerated or
decreased. In standard, charge instruments are tangible or intangible

Gadgets consisting of cheque, drafts and cards such as debit, credit or saved price cards. As
the list is indicative different payment units will also be included by the rule of thumb.

The European payment offerings Directive in the inner marketplace defines payment device
as any customized device(s) and/ or set of methods agreed between the charge carrier person
and the issuer and utilized by the person so that you can initiate a fee order. On the alternative
hand, an get right of entry to tool in the U.S. Is defined as a card, code, or other means of get
admission to a client’s account or a combination utilized by the patron to provoke EFTs and
may consist of debit card, PIN, phone switch and phone bill price codes and different way to
initiate an EFT to or from a patron account.

Usually, there are 3 fundamental types of payment cards specifically pay later playing cards
(fee and credit cards), pay now (debit cards) and pay earlier than (stored cost card, prepaid
card or purse). Often a unmarried card has a couple of capabilities as a credit, debit or ATM
cards. Whether or not a card falls into one category or any other is not constantly apparent
from the cardboard itself, consequently is essential to seek advice from the agreement
between the cardholder and the cardboard company to determine the sort of the cardboard.
Description of every form of card is made below. a card supplying an assurance of payment
to a merchant accepting the card below an agreement both with the issuer or with the
merchant’s bank is a credit card while a debit card facilitates get entry to to finances within
the cardholder’s deposit account. A card beginning charge that is facilitating get entry to to

15
budget in the cardholder’s account totally on the basis of information communicated
electronically is an EFT debit card. Both credit score and debit cards can be used to make
charge for a purchase of goods and offerings by way of the cardholder further to acquiring
cash from ATM or POS terminal. Debit cardholder obtains coins at once from her bank
account and may most effective attain credit from the issuer where the amount is charged to
an overdrawn account. On the opposite hand, a cardholder obtaining coins with a credit card
is charged interest from the date the quantity is debited from her account with the provider.

Debit cards are outstanding from credit score cards in that using a debit card outcomes in an
instantaneous debit to the user’s financial institution account, while the usage of a credit card
consequences in an extension of credit score to the cardholder. Similarly, the way credit score
and debit card transactions are settled is unique. Settlement is an act of discharging
responsibilities by using shifting finances, securities or financial contraptions between or
more events. Settlements by using a credit cardholder can be made whether or not in full
while the company submits the account or by means of instalments with interest fee.

On the alternative hand, while a cardholder makes use of a debit card, the price is mandated
to the retailer by means of an digital money switch involving a debit of the sum worried to
the cardholder’s financial institution account. The transfer is whether on line machine like
VISA electron or occur in batches someday after the transaction.

An ATM card is used by a patron to obtain coins from ATM by way of typing in PIN
wherein the client’s account with the financial institution is debited with the aid of the
quantity of the coins issued and the card can in addition be used to make a stability enquiry.
On the other hand, stored price playing cards or pay as you go cards contain the storing of
economic value as digital statistics on a clever card or electronic purse impartial of a financial
institution account. It is different from different systems of price which depend upon the
substitution of 1 contractual debt for every other or which contain the digital switch of
commands to a financial institution to impact price the use of EFT network.

While a few prepaid playing cards, consisting of most present and call cards, are usable only
for purchases from a unique store or carrier issuer, more and more prepaid cards are
community-branded playing cards which enable the cardholder to apply the cardboard at any
shop or middle with the cardboard network logo.

16
Its miles essential to make two observations with regard to EFT initiated with using various
sorts of payment units. First, difference between fee instruments is paramount where the level
of safety for consumers of each kind of payment tool is different. as an example, inside the
U.S, there are units of legal guidelines that govern consumer rights of credit score and debit
cardholders. Though in lots of respects, the laws treat credit and debit cardholders the Same
there are two foremost differences. First rules concerning liability of the cardholder for
unauthorized use of the cardboard are exclusive, with debit cardholders bearing more hazard
than credit score cardholders.

Additionally, the claims and defences of the cardholder primarily based on breach of a
settlement by way of a service provider, e.g., by way of offering defective or non-conforming
items, can be asserted against a financial institution that issued the card by using a credit
cardholder but now not via a debit cardholder. The justification for the special degree of
safety is credit cardholder’s most effective use credit score line to use their credit playing
cards while a debit cardholder accesses one’s asset account.

The second remark is, practically speaking, most developing international locations in no way
acquired the credit card habit due to the fact they lack the credit score data and reporting
systems essential to support credit score cards, and relatively few in their citizens have
sufficient demonstrable income to qualify for credit.

As a result, because the “Plastic Revolution” takes keep in growing international locations, it
isn't credit playing cards but debit and prepaid playing cards which might be beginning to
convert the coins economies in locations like China, Brazil and southern Africa. Ethiopia is
not an exception here. Credit score is constrained to investments and in a few cases to
housing tasks and is relatively regulated by using the government. Henceforth, it suffices to
kingdom at this factor that introduction of credit score card as a charge device in Ethiopia is
far from being fact.

Having this in thoughts, its miles no wonder that Ethiopian banks are presently issuing only
debit electron playing cards. It's miles crucial, but, to be aware that prerequisites within the
Proclamation are relevant to all fee gadgets and EFT associated provider alike. Nonetheless,
the sections of this thesis on contractual regulation of use of payment devices are confined to
debit cards. This is ordinarily due to the fact the TOCs to be had are on the usage of debit
playing cards issued by banks. As a result, the scope of the thesis, for which contractual
TOCs are number one and handiest sources, is confined to EFT initiated with debit playing

17
cards. Until the text refers in any other case, price instrument and debit cards are used
interchangeably at some point of the discussion. It have to be cited that debit playing cards
are used to initiate EFT; hence, both phrases are on occasion used interchangeably.

5.1.3. Consumer

The NPSP sets some rights of customers issuers of payment instruments. It does not,
however, provide for definition of a ‘customer’. As the proclamation does not provide for
rights of consumers, it is no surprise that it does not define ‘consumer’. The Mobile and
Agent Banking Directive of Ethiopia, which implements parts of the Proclamation defines a
customer as an individual or entity who uses mobile and agent banking services as defined in
the same. If one adopts this definition to NPSP, a customer is an individual or entity who uses
EFT services or to whom a payment instrument is issued.

Similar to the Proclamation, the MABD does not define a consumer. Hence, there is a need to
look for the definition of ‘consumer’ in other pertinent legislations of the country. The
relevant legislation is the Trade Practice and Consumers’ Protection Proclamation which
defines a consumer as “a natural person who buys goods and services for her personal or
family consumption and not for manufacture or resale.” It is irrelevant whether the price of
the goods or the services is paid by the consumer or another person. This definition of
consumer is endorsed for the purpose of this writing.

Consequently, a consumer is a natural person who uses payment instruments to initiate EFT
for her personal or family purposes. Accordingly, the thesis adopts this definition and
evaluates the consumer protection issues relating to EFT in general and payment instruments
in particular. As a result, unless the text implies otherwise, customers or cardholders are
assumed to be consumers for the purpose of this study.

On the other hand, the EU Payment Services Directive, defines a consumer as a natural
person who, in payment service contracts covered by the Directive, is acting for purposes
other than her trade, business or profession while payment service user is a natural or legal
person making use of a payment service in the capacity of either payer or payee, or both. The
U.S. Electronic Funds Transfer Act defines a consumer as a natural person.

5.1.4. Payment Instruments Issuers

18
The National Bank authorizes persons to establish and operate a payment, clearing or
settlement system and issue payment instruments .The authorization relates to both operating
a system and issuing payment instruments. Hence, an operator of a system can be issuer of
payment instruments. Financial institution or any other entity can be an operator of a system.
It has been noted above the Bank has the authority to designate payment instruments that can
be issued. To date, only commercial banks have issued debit cards in Ethiopia. Accordingly,
for this purpose of the thesis, payment instrument issuers are commercial banks. Banks and
issuers of payment instruments are used interchangeably.

On the other hand, different names and definitions are provided for payment instruments
issuers in the U.S. and the EU. The Act provides “financial institutions” means a State or
National bank, a State or Federal savings and loan association, a mutual savings bank, a State
or Federal credit union, or any other person who, directly or indirectly, holds an account
belonging to a consumer. The EU Payment Services Directive defines payment service
providers as bodies referred to in its Article 1(1) and legal and natural
persons benefiting from the waiver under Article 26.

5.2. Regulation of EFT and Consumer Protection Using DES algorithm

5.2.1. General

The cardholder enters into contract with the cardboard company and the contract serves as the
primary tool governing the cardholder’s relation with the cardboard provider.47Hence, the
primary felony consequences within the use of fee units rise up from contractual phrases and
conditions, which aren't freely negotiated by way of the parties but positioned with the aid of
the issuer of the cardboard.48Even although, TOCs govern the undertakings of a customer
and a bank, they're challenge in some international locations to specific statutory law whose
goal is purchaser protection. Examples of such rules consist of the U.S. EFT Act and law E
and the European fee services directive. In evaluation, the proliferation of debit and pay as
you go playing cards in developing nations has been met with regulatory inactivity in
maximum places.

The complex aspects of EFT law difficulty the quantity to which purchasers want or deserve
To be protected from third party fraud, faults on the a part of economic institutions, and

19
Purchasers’ personal carelessness. While statutory protections can be open to interpretation
by way of courts, they typically can't be waived through customers or changed with out
legislative movement in place of contractual protections that can commonly be changed
unilaterally upon word to the consumer. Broadly mentioning, purchaser protection rules are
looking for to lessen uncertainties for both customers and economic institutions regarding
liabilities related to digital payments, to offer protection in opposition to unauthorized or
faulty electronic transactions that access customer money owed by means of putting pointers
to allocate legal responsibility for unauthorized transactions in addition to implementing
documentation and record-preserving necessities to assist clients in detecting and remedying
disputed problems.

The primary justification for regulating TOCs for EFT advocates that consumers do not have
the ability or sophistication to negotiate balanced liability allocation rules with economic
establishments. This is due to the fact banks formulate TOCs for their offerings on take it or
go away it foundation. Except, the four or 6-digit PIN chosen by way of financial institutions
as a fee-effective mass distribution authentication technique for purchasers is pretty
susceptible.
A person status in the back of and watching a client coming into PIN at an ATM or POS
terminal can without issue do not forget a 4 digit PIN and in the end use the identical if she
manages to thieve the card from the cardholder. Europol’s file on fee Card Fraud in 2012
indicates that payment card fraud is a low chance and highly worthwhile criminal interest
which brings prepared crime agencies originating from the European a every year profits of
round 1.Five billion euros. This observes indicates the extent of the danger of unauthorized
use/fraud associated with charge playing cards.

5.2.2. Ethiopian Laws

5.2.2.1. Consumer Proclamation

The purchaser Proclamation is relevant to all people carrying industrial sports and to
any transaction in goods and offerings within Ethiopia. Banks are enterprise folks wearing
commercial activities in the that means of article 2 of the proclamation and article 5 of the
economic Code of Ethiopia. The objective of the patron Proclamation is to defend rights and
benefits of clients. To this quit, it affords for rights of purchasers and prohibits certain acts of

20
enterprise humans. Furthermore, it establishes an autonomous federal organ named trade
Practices and purchaser safety Authority.

The goals of the customer Authority consist of protection of clients from unfair practices of
enterprise individuals and taking administrative and civil measures towards enterprise or
other humans violating the proclamation. A patron who uses charge instruments to provoke
EFT is consequently entitled to experience the rights enshrined inside the proclamation.
Moreover, clients have the right to put up their proceedings to the patron Authority for
adjudication and be compensated for damages suffered because of transactions related to
EFT.

5.2.2.2. National Payment System Proclamation

The Proclamation on national payment machine was enacted, ten years after the introduction
of the first ATM by CBE, to provide guidelines on establishment, governance, operation, law
and oversight of the national price gadget if you want to make sure its safety, protection and
performance.
The enactment of the Proclamation results in the regulation of banking offerings which had
been unregulated for some time. The NPSP offers with quite a number EFT associated
matters like phrases and situations and compliant decision methods.62The other matters
regulated are assets of rights and duties of participants of shared systems, validity of digital
facts and digital communications and presentment of pictures for charge together with digital
cheque. Besides for the regulations at the rights and responsibilities of contributors of shared
systems, the other policies are geared toward making sure digital record and evidence are
given equal cost as regular files. Those policies are specially meant to update the existing
settlement and proof policies of the United States of America to use to EFT.

The NPSP does not provide for rights of consumers of EFT. Rather it prescribes obligations
of issuers or operators vis-à-vis their clients. Hence, clients and consumers are blanketed
equally with the aid of the Proclamation. Issuers are required to prepare clear and widespread
pattern TOCs in terms of EFT and stored value playing cards, applicable to all their
customers in comparable way and make the TOCs available for his or her review and viable
settlement. Furthermore, necessities regarding compliant resolution that bind the provider are
supplied. Operators, contributors and issuers of fee contraptions are, accordingly, obliged to

21
establish inner compliant managing tactics in terms of digital fund transfers and saved price
facilities. Except, they are required to suggest customers at the procedures for
accommodations complaints.

In instances in which the operator, player or provider of a fee instrument is a party to a

Shared device, every must clear up lawsuits or disputes with its clients on the subject of the
processing of EFT or saved price cards promptly via its internally installed structures.
Moreover, clients may not be required to give their court cases to another party to the shared
device, or to have those lawsuits or disputes investigated by any other party to the shared
device.
5.2.2.3. Mobile and Agent Banking Directive

The national financial institution of Ethiopia enacted the MABD on the premise of Article 10
of the proclamation. As its name suggests, the Directive on cellular and Agent Banking
applies to monetary establishments that behaviour cell and agent banking. It defines agent
banking as behaviour of banking business on behalf of a monetary organization via an agent
using numerous provider transport channels as authorised below the MABD whilst mobile
banking manner acting banking activities which in most cases includes opening and
maintaining mobile or everyday debts and accepting deposits and it includes appearing fund
switch or coins in and coins out services the use of cell devices.66A mobile account is an
account maintained through a patron in monetary organization in which debits and credits are
made with the aid of distinctive feature of EFT and Which is used to conduct cell banking
activities as mentioned by the Directive.
On the other hand, a fund transfer is described as switch of funds from a patron’s mobile or
regular account to some other account or vice versa.67According to Article 2.Four of the
MABD, cash in and coins out offerings talk over with deposit or withdrawal of finances
along with payments via clients to or from their account the use of a ramification of options
inclusive of ATM. Switch of budget and cash in and coins out offerings, according to the
definition of mobile banking, are achieved using cellular gadgets. Cell device consists of
mobile phones, clever telephones, table private computer systems, POS terminals or any
other similar device. The list is not exhaustive. Therefore, different similar devices are
included. However, I argue charge playing cards are not similar devices to POS terminals,
desk non-public computer systems, smart phones or cellular phones. As a end result, playing
cards along with debit playing cards fall outdoor the scope of the Directive.

22
Normally, the MABD is relevant to cell banking sports where clients open and hold mobile or
ordinary account in a monetary institution if you want to switch finances electronically, to
deposit or withdraw finances, to make bills the use of an expansion of mobile gadgets
inclusive of cell phones, smart phones, desk personal computer systems and POS terminals.
The MABD calls for economic establishments offering cellular banking services to install
region guidelines and techniques to cope with client protection and compliant redress issues.
It follows the footsteps of the Proclamation, which indiscriminate between protection of the
purchasers and customers.

The MABD lists minimum client safety requirements that should be included within the
rules and processes of monetary establishments presenting cell banking.69It, amongst others,
regulates requirements of documentation of transactions, confidentiality of patron facts,
responsibility of disclosure of terms and situations, transparency in pricing merchandise and
offerings and compliant resolution methods. The policies of the MABD bind a financial
institution that provides cellular banking services whether or not on its personal or through an
agent. The Proclamation rules’ on rights of clients and obligations of charge instrument
issuers discussed at some point of this paper are relevant to mobile banking as described
inside the MABD. In addition, customers of cellular banking are entitled to precise and
certain sets of rights supplied within the MABD. Because the MABD excludes fee cards from
its scope, its regulations are not applicable to debit cards. Hence, the rules of the MABD are
not hired in the imminent chapters.

23
 6. TERMS AND CONDITIONS OF PAYMENT INSTRUMENTS

Banks prepare phrases and conditions for the services they offer. Terms and situations of a
Specific banking carrier regulate the rights and duties of the bank and its consumers.
However, basic precept of settlement dictates that the object of a agreement is freely decided
with the aid of the events concern to such restrictions and prohibitions as are provided
through law.Seventy one within the context of EFT agreements among a financial institution
and a customer, one of the statutory necessities relevant before a settlement is concluded is a
obligation of disclosure of phrases and conditions. The essence of the duty as provided inside
the pertinent law is tested. The second subject of the bankruptcy is related to phrases and
situations that govern the rights and obligations of provider of price instrument and
consumer. The powers and authority of the national financial institution of Ethiopia with
reference to TOCs of EFT and stored price facilities are studied. On this regard, the bank is

24
authorized to exercise each legislative and regulatory authority via the NPSP. The prison
foundation for such authority of the financial institution is tested. Moreover, justifications for
such authority are sought. In the long run, terms and conditions of CBE for VISA electron
debit cards it problems are summarized collectively with the client protection challenge they
pose. A connection with different jurisdictions is made wherein relevant.

6.1. Duty of Disclosure

The client Proclamation presents for a obligation of disclosure of a commercial enterprise

character. It stipulates upon request by way of a patron relating to items or offerings she sells,
any business individual must satisfactorily disclose herself and permit the client take the facts
she wants. This obligation applies to all commercial enterprise men and women in Ethiopia
including banks. Specific to EFT and price units, obligation of disclosure is provided within
the NPSP. The duty calls for the provider of payment instruments to prepare clear and general
sample TOCs applicable to all its customers, and make it available for their evaluate and
viable agreement. The three additives of this duty are explained beneath.

6.1.1. Requirement of ‘Clarity

Charge tool issuers are required through the NPSP to prepare clean situations. The
Legislative requirement of ‘readability’ however, is short of explaining what elements have
to be considered to decide whether a given circumstance is clear or not. The requirement of
readability is prescribed in different jurisdictions as well. For example, within the U.S.,
disclosures of TOCs have to be clean and effortlessly comprehensible. Disclosures may be
made in a language other than english where they had been made to be had in English upon
the consumer’s request. In addition, the eu fee services Directive offers the records and
situations for price service ought to take delivery of in without difficulty understandable
words and in a clean and comprehensible form, in an professional language of the Member
kingdom wherein the payment provider is offered or in any other language agreed among the
events. The requirements in each contraptions are wider than that of the Proclamation via
putting additional qualification to ‘readability’ together with ‘easily understandable’ or ‘with
no trouble comprehensible’. They similarly alter the ‘language’ that should be utilized in
making ready terms and situations.

25
Therefore, readability of TOCs pertains to the selection of language used, the way in which
the TOCs are formulated or the inclusion or omission of a few terms of the agreement. In the
first case, readability might also mean whether the provider has used English in preference to
a local language, such as Amharic, in making ready the terms and the situations. From a
settlement law point of view, training of TOCs in language a contracting birthday celebration
does now not recognize may have an effect on the very validity of the agreement. This is in
instances where a celebration expresses her agreement to a contract written in overseas
language without obtaining its translation or complete translation, that contract may be
invalidated if essential mistake is verified. This is broadly speaking because Ethiopian
regulation of agreement follows the principle of ‘announcement of will’ whereby a contract is
made or completed, not with the aid of agreement of wills but through agreement of
declaration of wills. Seventy eight in addition obstacles to readability of TOCs may be posed
with the aid of the use of jargon. Such use may appreciably hinder the capability of the
cardholder to realize the content of the TOCs and thereby may bring about faulty consent.
Ultimately, the readability of TOCs can be obscured by inclusion of pointless content
material or omission of important components of the agreement. Both cases impair the ability
of the patron to apprehend the agreement as an entire.
Additional necessities of duty of disclosure can be imposed. Within the U.S. It's far required
disclosures to be, in writing and in a form a purchaser can also keep.79Similarly, the
European price services directive requires the provider make to be had the user on paper or
on any other durable medium with the records and conditions laid out in Article 42 of the
directive. In assessment, the Proclamation is silent on this regard.

The TOCs of the CBE for the use of VISA debit cards are prepared in English. Strikingly, the
Application shape has each Amharic and English versions. It's miles difficult to grasp the
justification for getting ready TOCs in English wherein the language is neither a country wide
nor an reliable language of the usa. To make matters worse, no longer many Ethiopians are
capable of recognize everyday English files not to mention a surprisingly technical English
TOCs. As a end result, the training of TOCs of CBE in English language fails to fulfill the
statutory requirement of clarity in the Proclamation. Similarly, the purchaser Proclamation’s
requirement ‘to satisfactorily reveal oneself’ isn't always met. However, CBE does no longer
allow customers to keep the TOCs of debit playing cards.

6.1.2. Non Discrimination

26
The other detail of responsibility of disclosure underneath the Proclamation is the payment
tool company ought to put together preferred sample TOCs relevant to all of its clients.
Issuers aren't allowed to discriminate amongst their clients. In addition, the client
proclamation prohibits a business character from unduly favoring one customer over the
alternative. As a end result, banks are obliged no longer to discriminate consumers and to
prepare TOCs for fee gadgets or EFT relevant to their customers alike.

6.1.3. Time of Disclosure

The provider of a charge device is needed to make its TOCs to be had to customers for their
overview and feasible agreement.82The requirement suggests that clients need to be able to
review the TOCs before agreeing to the contents thereof. As a result, the responsibility of
disclosure should be discovered through the provider before the conclusion of an settlement.
After reviewing the terms and conditions, a customer can both be given or decline the TOCs
for EFT and saved cost cards. The phrases and conditions of the CBE are made to be had to
purchasers on the time while the patron applies for VISA electron debit card. Consequently,
the exercise of the financial institution is in line with the requirement of the Proclamation.
In the U.S., required disclosure must be made on the time the patron contracts for an EFT
Service or earlier than the primary EFT is made concerning the purchaser’s account.83
further, the ecu charge services Directive calls for disclosure to be made in proper time before
the person is bound by any framework agreement or provide.

The significance of duty of disclosure prior to end of a agreement cannot be overstated as

it is fundamental within the formation of agreement. Ethiopian regulation of agreement has
stipulations regarding consent in general and specific requirement concerning trendy
commercial enterprise terms. To begin with the general regulations on consent of the
contracting events, a contract is fashioned upon the consent of the events who outline the
object in their undertakings and comply with be certain thereby. Furthermore, a agreement is
deemed finished where the parties have expressed their settlement thereto and reserves or
restrictions supposed through one birthday party shall not affect her settlement as expressed
wherein the opposite birthday celebration was no longer knowledgeable of such reserves or
regulations. It follows that a settlement isn't deemed to be completed except the parties have

27
Expressed their settlement to all the terms of the negotiation. That is best a contracting
celebration in this case a purchaser who was given the hazard to check TOCs of a fee
instrument and who is of the same opinion to those afterwards is thought to have freely given
her consent to be bound thereby.

In any other case, agreement regulation dictates that a settlement is not validly shaped.
Particular to enterprise contracts, it is stipulated that widespread phrases of business
implemented by way of a celebration shall no longer bind the other birthday party until she
knew and frequent them or they were prescribed or accepted through the authorities.88As a
result, undisclosed preferred phrases of EFT business by means of a bank do now not bind
the customer unless she knew and widespread them. Therefore, contract law and the
countrywide fee gadget Proclamation require the price instrument company to disclose its
TOCs earlier than the client offers her consent. The subsequent trouble is whether the
obligation of disclosure of TOCs goes beyond this by using prescribing the minimum
contents that have to be disclosed to a consumer of EFT provider. In each european and U.S.,
monetary institutions are required to make some mandatory disclosures. Financial
establishments of the
U.S. Are required to reveal legal responsibility of purchasers for unauthorized EFT, phone
range and deal with of the economic group, its enterprise days, types of transfers and barriers
on frequency or greenback quantity, applicable charges, rights of the consumer to
documentation, a precis of the consumer’s right to forestall fee of a preauthorized EFT, legal
responsibility of the organization, confidentiality of customer records and errors decision.89
similarly, the European payment services Directive calls for that data and conditions
regarding the issuer, using the payment carrier, expenses, interest and change rates,
communiqué, safeguards and corrective measures, modifications in and termination of
framework settlement and redress be provided to the consumer earlier than she is bound by
means of a agreement.

According to the customer Proclamation, a patron has the proper to get sufficient and correct
information or clarification at the nice and sort of goods and offerings she purchases.
Consequently, a customer might also demand enough and accurate information on the EFT
carrier she is applying for. However, mandatory list of TOCs that need to be disclosed to
clients before they enter into settlement isn't always regulated. The NPSP fails to enumerate
the facts that must be disclosed in TOCs of EFT service or price units. The provider sporting

28
events discretion as regards what to disclose to its customers. Even though undisclosed terms
of contract in principle do no longer bind the opposite contracting birthday party, litigation
prices and inconvenience may additionally discourage a patron from invoking this principle.
A patron may additionally choose to just accept the undisclosed TOCs as opposed to tough
the bank and its prepared felony team. In evaluation, if the important terms of the agreement
are disclosed to the customer, the patron can have the hazard to agree or vary to the phrases.
Thus, the consumer can keep away from any viable litigation problem. One may argue that
the discretion of Ethiopian banks on what to disclose is challenge to oversight of the national
bank of Ethiopia that is authorized to approve TOCs of the issuer earlier than they become
available to clients. This takes us to the subsequent situation handling the authority of the
bank vis-à-vis TOCs of EFT.

6.2. Authority of the National Bank of Ethiopia

The Proclamation for the established order of the national bank enumerates the bank’s
functions as to hold stable rate of charge and alternate, to foster a wholesome economic
device and to adopt such different associated activities as are conducive to speedy economic
improvement of Ethiopia. It lists a number of powers and duties of the financial institution.
One of such powers is to take steps to set up, modernize, behaviour, screen, adjust and
supervise fee, clearing and agreement structures. It's far commonplace for lots imperative
banks to have express felony authority with admire to fee and agreement structures.
According to the NPSP, the bank establishes, owns and operates, participates in, regulates
and supervises an included fee system including large fee budget switch machine and retail
budget transfer gadget.95Likewise, it has the power to authorize others to establish and
function a system and trouble payment gadgets.

6.2.1. Legislative Authority

The significant authority of the national bank of Ethiopia extends to legislative powers. On a
wide variety of topics, the financial institution is authorized to enact directives. On topics
relating to EFT on my own the financial institution has the authority to enact directives on
five out of six difficulty subjects. Ninety six alas, the Proclamation does now not offer
justifications for such substantial legislative and power of the bank. as regards terms and

29
conditions, the bank is allowed to prescribe by way of directive simple TOCs to be applicable
to contracting events inside the commercial enterprise of EFT and stored price centres.

The Logical inference is that such authority of the bank must be exercised to provide minimal
Rights of purchasers of EFT as non-consumers are capable of negotiate balanced terms and
Situations. You'll be able to study from the eu charge offerings Directive’s role in this
remember. It asserts that as clients and organisations aren't inside the identical function, they
do not want the same level of protection.98It contains on, whilst it's miles important to assure
customer’s rights by way of provisions which cannot be derogated from via settlement, it's
miles reasonable to allow enterprises and agencies agree otherwise.99Hence, the legislative
authority of the NBE to prescribe fundamental TOCs of EFT should be exercised with the
aim of protective customers who are incapable of for my part negotiating TOCs of banks.
Strictly talking, the NBE has a legislative mandate to enact client safety directive that units
mandatory rights and duties that cannot be derogated from by way of a agreement. The U.S.
Federal Reserve Board has exercised legislative authority with the goal of purchaser safety by
enacting regulation E that implements the EFT Act.

6.2.2. Approval of Terms and Conditions

The NBE is permitted to approve TOCs and any amendments thereof before they turn out to
be relevant on customers.100The Proclamation is silent whether or not public coverage
worries along with consumer protection must guide the bank in discharging its authority of
approving TOCs of banks. Though the chief issues of central banks in overseeing retail fee
structures are efficiency and protection of the systems, there also are different targets together
with the exercise of duties within the vicinity of consumer safety, or the prevention of cash
laundering.101In the same manner, it's far proclaimed that pastimes of clients inclusive of the
terms and conditions’ governing their relation with operators is one of the concerns that the
NBE can also take in issuing an authorization for running structures.102The stipulation is
relevant on those operators (issuers of fee devices) making use of for authorization. It could
had been tons higher if such requirement became specifically formulated on the subject of
approval of TOCs as opposed to authorization for working a gadget. That manner the
financial institution can be required to take pastimes of consumers when it approves TOCs of
fee instruments. Within the context of the NPSP, the putting truth is not that the financial

30
institution has the authority to approve phrases and conditions of EFT. Rather it is the failure
to say whether or not such authority ought to be exercised in step with an established internal
procedure to make certain uniformity and to list factors that should be taken into
consideration when the bank approves TOCs of EFT. Other than artwork 6(4) (f) of the
proclamation mentioned above, nowhere is patron protection in preferred and in the context
of the authority of the bank concerning TOCs raised. Customer protection isn't always one of
the reasons for enacting the regulation either. The bank has to date accepted TOCs for debit
cards. TOCs for debit cards of CBE annexed with this thesis are summarized as follows.

6.3. Terms and Conditions of CBE

Phrases and situations of CBE practice to and regulate its provision of debit playing cards to
cardholders. The TOCs are interpreted according with Ethiopian laws, in particular the
proclamation. The primary contents of the TOCs are summarized under. Furthermore,
evaluation is made whether the TOCs are consistent with Ethiopian laws. Then again, felony
regulations of other jurisdictions that govern subjects similar to those ruled by using the
TOCs of CBE are delivered up.

6.3.1. Amendment of Terms and Conditions

The financial institution may also amend at any time and once in a while the TOCs for debit
playing cards. Such change have to, however, get prior approval of the countrywide bank.
With admire to the cardholder, such change is executed by using giving observe. The
awareness of modification will become effective and binding on the cardholder at the receipt
of the awareness, that is seven calendar days after the date of mailing in Ethiopia. In case of
personal shipping the date of issue is considered as the date of receipt. Any subsequent use of
the cardboard after such notice is deemed to constitute automatic acceptance of such change
with the aid of the cardholder. The time restrict of 7 calendar days seems to position the
patron at a downside given the efficiency of the postal provider. In its current assessment of
the overall performance of the Postal enterprise of Ethiopia, one of the standing committee of
the residence of the Peoples’ representatives of Ethiopia located out that the offerings of the
employer are marred with document of lost and damaged envelopes and programs. The house
similarly cited that there's growing proceedings made via customers of the Postal agency.

31
Even in nations in which postal service is greater green, the time restriction supplied for any
amendment of agreement is drastically longer.

Inside the U.S. A 21 days restrict is supplied. One hundred and five in the European note of
trade of the framework agreement for charge offerings need to be made months before the
proposed date of utility. As amendments of TOCs alternate the contractual undertakings of
the events, at maximum effort should be taken with the aid of the financial institution to make
certain the cardholder gets the notice and get a meaningful danger to study the amended
TOCs. The modification of the contract must, consequently, follow the guidelines of its
conclusion, which should be primarily based at the mutual consent of the events. Contract
law of Ethiopia prescribes that any version of terms of agreement have to follow the
agreement of the parties.108Similarly, as a depend of policy duty of disclosure beneath the
Proclamation ought to make bigger to the amendment of TOCs. If NBE approves change of
situations per Article 19 of NPSP, the equal should be relevant to the rights of the customers
under the identical provision.

6.3.2. Duty of Documentation

The CBE undertakes to publish an account assertion to the cardholder. Such account
announcement may be sent to the deal with of the cardholder registered with the financial
institution. The duty seems to exclude terminal receipts for transactions made with the
cardboard. Furthermore, interval of documentation whether it's far every month or each area
isn't always regulated. Even though obligation of documentation isn't always regulated by
way of the NPSP, the patron Proclamation obliges a commercial enterprise man or woman to
issue receipts to purchasers in admire of products or services she sold. Putting it in context of
EFT, the financial institution is obliged to difficulty a client receipts in appreciate of as an
instance ATM withdrawals or POS transactions.

Subsequently, in regards to transaction Receipts, it is honest to finish that the financial

institution is needed to difficulty receipts to purchasers. The CBE has undertaken in its TOCs
to offer periodic assertion to its customers. Therefore, by using the operation of legislation
and contract, the financial institution is obliged to offer consumers each terminal receipts and
periodic account statement. In the U.S., a terminal receipt have to be made available upon
request at the time a client initiates EFT at an electronic terminal.110Financial establishments

32
ought to mail or deliver a statement for every monthly cycle in which an EFT has came about
however as a minimum quarterly statement if no transfer has passed off.111Similar styles of
requirements are furnished inside the Eco directive.

Duty of documentation enables a consumer to check and verify the info on the statement
towards the transaction receipts.113In the absence of the duty, a customer will not be able to
track down transactions, which similarly allows the patron to become aware of mistakes and
unauthorized transactions made the use of the debit card. This is damaging to the patron into
methods. First, in terms of proof, it disables a purchaser to identify and prove mistakes or
unauthorized transactions in the past. Second, without terminal receipts and periodic
announcement, a patron may be hindered from stopping in addition errors or unauthorized
Transfers by notifying the bank.

6.3.3. Bank Error in Records and Accounts

The terms and situations of CBE provide that until the bank accepts the life of blunders
On its element, the cardholder agrees to the amount in her account and debit and credit score
made to her account. Besides, the cardholder accepts the bank’s data and proof concerning
the economic transaction made with bank as actual and correct. Recollect this instance to see
how this circumstance of CBE might also have an effect on the pursuits of a client. Recurrent
electricity cut and internet disconnection are common in Ethiopia. Recollect ATM errors
which can result from such situation. A client who become given much less cash than the
quantity she entered at ATM as a end result of error however who become subsequently
debited the quantity of the authorized withdrawal in place of the definitely withdrawn amount
will have no recourse against the financial institution unless the financial institution admits
there's mistakes on its part.

6.3.4. Fees

The bank is entitled to rate and debit any bank account in appreciate of every cardholder such
Expenses of registration, annual subscription and transaction prices as it can every so often
Notify cardholders. Analysing among the strains, this implies the financial institution is
entitled to charge such costs from the bank account of the cardholder who will be finally
knowledgeable of such charges. this situation has two obstacles. First, it fails to offer that

33
notification of relevant fees have to be finished at the time of contracting with the cardholder.
2d, it does now not offer that previous notification approximately adjustments in fees be
made to the cardholder. There is an apparent neglect in considering records regarding prices
is an vital element of the TOCs. As it has been stated earlier, in jurisdictions just like the
U.S., information concerning expenses is part of the obligation of disclosure which have to in
precept be discovered before a contract is made with the cardholder. Moreover, consumers
have to get previous be aware concerning change in expenses.

6.3.5. Duty of Cardholders

Cardholders are required to workout due care and interest to save you the lack of and/ or use
Of the card or PIN by a 3rd birthday celebration. As a consequence, a high quality obligation
of taking due care is imposed on cardholders. Furthermore, transaction commands by way of
the cardholder should take delivery of in such a way that any exclusive statistics, which is
displayed through a terminal, isn't disclosed to any 0.33 celebration. Cardholders of debit
cards international are largely required to exercise due care in defensive their cards and PIN
to avoid loss or robbery. For instance, the European charge offerings 25 directive requires
price carrier consumer, specifically, as quickly as she receives a charge device, takes all
reasonable steps to hold its personalised safety capabilities safe. Such due care is vital to save
you unauthorized transfer of funds using the cardboard or the PIN by using 0.33 party.
If a card is misplaced or stolen or if the PIN is disclosed to any unauthorized individual, the
cardholder is needed to right now notify the financial institution of such loss, theft or
disclosure. Oral communication must be showed to the financial institution in writing without
delay. Cell phone wide variety or web deal with which displays e mail or different address for
notifying loss or theft of the cardboard, However, isn't always furnished within the TOCs of
CBE.

6.3.6 Legal responsibility of Cardholders

The cardholder is completely dependable in admire of every transaction given with the aid of
the use of her card. Except, the cardholder is responsible in appreciate of any transaction
instruction given previous to receipt via the bank of written notification of loss, theft or
disclosure of the PIN or the card. Legal responsibility of consumers is the topic of the
subsequent bankruptcy. With regard to the opposite factors of the TOCs of CBE, each has

34
been elaborated in mild of patron protection. Moreover, Exam was made whether they are
consistent with Ethiopian legal guidelines. The TOCs fail to cope with topics regarding the
way to spark off compliant research, dispute decision manner, each day transaction limits,
and approach of notification for loss or robbery of the cardboard or the PIN. Even though the
goal of this section is to analyse TOCs of the CBE, i have compared legislative rules of other
prison systems that govern the subjects protected within the phrases and conditions. On some
of matters, the TOCs provide for much less (no) safety of customers in comparison to the
legislative safety that consumers of EFT enjoy inside the U.S. And the Eco the overall
observation is that an Ethiopian consumer’s pastimes aren't appropriately addressed inside the
instruction of the terms and situations of CBE. Comparable remark is stated with reference to
the function of the NBE in considering and selling consumer safety whilst it approves TOCs
of price instrument, because the TOCs of CBE put the client at a drawback role in
comparison to the financial institution on a number of topics however became despite the fact
that approved by the bank.

7. LIABILITY OF CONSUMERS FOR EFT TRANSACTIONS

Within the previous chapter, especially pre contractual troubles relating to EFT contract
concluded with a client had been addressed. In this chapter contractual problems of liability
for EFT transactions are examined. To this stop, the primary section discusses the difference
among authorized and unauthorized EFT transactions. Following this distinction, legal
responsibility of clients for each type of transaction is studied. Although the focal point is on
liability of customers of CBE as governed via the latter’s terms and situations, pertinent
European and U.S. Law on legal responsibility of customers for unauthorized EFT are
summarized. Moreover, occasional reference is made to those legislation to problematic
problems. In the third section, flaws or obstacles of the liability regime under TOCs of CBE
are talked about specially from primary contract and consumer protection regulation point of

35
view. It is in addition examined whether the phrases and situations of CBE are unfair to the
patron. In the final section, relevant laws of Ethiopia to unfair contract phrases are tested.

7.1. Authorized vs. Unauthorized Transactions Unsing DES algorithm

The Proclamation states that finances switch either representing an order of price or switch of
cash is initiated by means of a person through manner of coaching, authorization or order to
financial institution to debit or credit score an account maintained with that institution. In the
context of transactions made with using fee instruments at POS or ATM, the Proclamation is
clean that authorization, training or order need to be obtained with the aid of the monetary
institution to provoke budget switch and to debit an account of the cardholder maintained
with that group. As a end result, without authorization of the account holder, a finances
transfer can not be initiated. But, the Proclamation fails to particularly address in which an
EFT transaction is considered legal via the cardholder. It does now not prescribe the form of
authorization both. U.S. and European legislation offer for definitions of
authorized/unauthorized EFT transaction. ‘Unauthorized EFT transaction’ within the U.S. Is
described as an EFT transaction from a Patron’s account initiated by a person aside from the
consumer without actual authority to provoke such transfer and from which the patron gets no
advantage. There are primary elements on this definition. The primary is it need to be a
person aside from the consumer who initiated the transaction without an actual authority to
accomplish that and the second one is the client ought to receive no benefit from the
transaction. Even where the elements of the definition are met, there are positive transactions
excluded from the ambit of the definition. The first is EFT initiated via someone other than
the customer who become furnished with the card, code, or different method of access to
such purchaser’s account by means of such customer, unless the customer has notified the
economic institution involved that transfers by such different person are not legal. The second
is EFT initiated with fraudulent motive with the aid of the patron or any character acting in
live performance with the purchaser. The closing is EFT that constitutes an error committed
through a monetary organization. Within the first case the patron has voluntarily supplied the
third celebration who has a lawful control of the get right of entry to device however lacks
authority. In the second one case the Consumer acts fraudulently either on my own or
together with any other character, however does no longer gain from the act. However, within
the closing state of affairs, an errors dedicated with the aid of a economic organization does
no longer render the transaction performed a licensed one and the institution shall count on

36
full liability for such transaction. Effectually, any EFT transaction that falls into one of the
first two categories is excluded from being taken into consideration ‘unauthorized
transaction’. The implication of such exclusion is that the transactions are authorized to
which a consumer will be completely accountable. In any case, an EFT transaction at once
initiated with the aid of the purchaser or one that has been initiated by a third party duly
(reputedly) legal by way of the client is deemed to be a licensed transaction. Then again, the
Eco price services Directive provides that a fee transaction is considered to be legal only if
the payer has given consent to execute a fee transaction or a chain of fee transactions. It
similarly gives that consent can be given previous to or if agreed otherwise after the
execution of the charge transaction. Consent can be withdrawn by means of the payer no later
than the point in time of irrevocability furnished within the directive. Matters regarding the
shape and manner of giving consent to a price transaction and withdrawal of such consent are
governed by a framework agreement agreed between the issuer and consumer.

Within the absence of consent of the payer to a payment transaction, the transaction is taken
into consideration unauthorized. The connection with consent in the ecu payment offerings
directive weakens the opportunity of an implied authority and may be examine to eliminate
altogether the opportunity of An apparent authority, such as when a cardholder voluntarily
added the card and shared the associated code with a chum or relative. This is in assessment
with the U.S. Method in which a purchaser is completely dependable wherein she provided
the access device voluntarily to a 3rd celebration who in the end made transactions without
actual authority. As a end result, for each price transaction, the payer must provide consent in
a manner agreed among the payer and the issuer in order that the transaction is taken into
consideration authorized and the payer is answerable for such transaction. In the absence of
the consent of the payer to a charge transaction, the transaction is taken into consideration
unauthorized. there has no longer been a examine on the volume of unauthorized switch of
budget in Ethiopia. Indeed EFT provider is set a decade old and is significantly restricted to
fundamental towns of Ethiopia. But, globally card fraud which is one of the most important
reasons of unauthorized transfers has accelerated consistently in conjunction with card usage
in current years as number of fraudulent card transactions grew 7.2% and 12.8% respectively
in 2008 and 2009, with the amount misplaced to card fraud totaling €4.9 billion in 2009, up
from €4.Four billion in 2008 and €3.Four billion in 2001.126A have a look at carried out
among 2004-2007 within the ecu shows that there are 10 million fraudulent transactions the
use of fee cards in the single Euro payment location in step with year, affecting 500 000

37
merchants, representing roughly €1 Billion in losses.127This hazard can also affect the client
self-assurance in non-coins means of payment and in the end the real economic
system.128Different jurisdictions have observed numerous procedures to modify legal
responsibility of clients for fraudulent (unauthorized) transactions. At the same time as some
enacted legislations to this impact, others have left the problem to be governed via agreement
and widespread requirements. Even in the ones jurisdictions with customer protection
legislations, the elements considered in allocation of legal responsibility for unauthorized
transactions fluctuate. The subsequent segment starts off evolved with the dialogue of legal
responsibility of Ethiopian consumers of CBE as ruled by the latter’s terms and situations.
Finally, purchaser legislations of European and U.S. Governing legal responsibility bobbing
up out of unauthorized EFT are summarized.

7.2. Liability of Consumers

The NPSP does not modify legal responsibility of customers for EFT transactions.
Consequently, the problem is regulated with the aid of TOCs of banks as accepted through
the national bank of Ethiopia. According to the accepted TOCs of CBE, the rule is that a
cardholder is absolutely accountable in recognize of each transaction given by the usage of
her card. Distinction isn't always made between legal responsibility for Legal and
unauthorized transactions. The cardholder is required with the aid of the TOCs to
immediately notify loss or robbery of the debit card or disclosure of a PIN to any
unauthorized person. Normally loss, robbery or disclosure of a card or PIN probably ends in
unauthorized transaction. An oral conversation should be showed to the bank in writing.
Consequently, it's miles best wherein the financial institution receives a written confirmation
that the notification is taken into consideration commonplace. The cardholder is responsible
in respect of any transaction guidance given previous to receipt by means of the financial
institution of written notification of such loss, robbery or disclosure. Even for those
transactions that occur between the oral and written notification, it appears the cardholder is
completely in charge. The TOCs do not especially provide that the financial institution is
liable for transactions made after notification of loss or robbery of the cardboard or disclosure
of the PIN to a 3rd celebration. But, the inference from the condition that the cardholder is
accountable for all transactions made before notification is, the financial institution is
chargeable for those transactions made after notification. Although the TOCs require the
cardholder to save you loss of and/or use of the cardboard or PIN through a third birthday

38
celebration, negligence of the cardholder which may additionally result in ‘unauthorized’
transactions isn't always taken as a factor to alter liability. Nor is fraudulent act of the
cardholder considered. indeed, there's no need to don't forget the negligence or fraudulent act
of the cardholder where she assumes complete liability for each and each transaction made
earlier than notification. However, fraudulent acts of both the cardholder or other individual
vis-à-vis fee contraptions are criminally sanctioned and significantly punished with rigorous
imprisonment from 2 to fifteen years and pleasant by the NPSP. Without the use of the
cardboard or with fake card which nevertheless debit the account of the consumer are out
rightly excluded. The consequence is the cardholder will not be answerable for those
transactions made with out the use of the cardboard issued to her. In this kind of case, it's far
up to the client to expose that the cardboard remained underneath her ownership and he or
she did not use the cardboard for the ‘alleged transactions’. But, unless the gadget and
document of the financial institution suggests that the transactions were made without the use
of the card, proving such situation is probably extremely tough for the cardholder. Having no
access to the device of the financial institution or even in which get entry to is granted as an
instance through order of a courtroom, the cardholder can also locate it financially
burdensome and inconvenient. It need to be recalled that the cardholder has agreed
underneath the TOCs of the bank that the data and proof of the financial institution as true
and accurate.

7.3. Unlimited Liability of Consumers- CBE’s Terms and Conditions

In the U.S. And the Eco, a purchaser is responsible for all legal transactions while legal
responsibility for unauthorized transactions is shared between the monetary group and the
consumer on the basis of various factors. Allocation of legal responsibility in which a
purchaser is in the image is, for that reason, regulated by means of prison rules in both
jurisdictions. The relevant liability guidelines are mentioned below. The purpose of the
discussion is to demonstrate how purchasers of EFT are covered by using legislations that
derogate contractual terms of liability. The two jurisdictions represent one of a kind method
however a commonplace end, consumer protection. Studies of other jurisdictions had been
taken into consideration in the enactment of the NPSP.130Similarly, classes may be drawn
From these jurisdictions in any legislative or regulatory circulate to shield EFT customers in
Ethiopia.

39
7.4. Limited Liability of Consumers

The European fee offerings Directive provides for mandatory guidelines of legal
responsibility where the person of the price carrier is a consumer. Subsequently, wherein the
consumer is not a customer, the parties are unfastened to agree that provisions of the
Directive on legal responsibility will no longer practice in entire or in part. This is commonly
due to the fact non-consumers are generally in a better function to assess the chance of
fraud and take countervailing measures.132On the alternative hand, Member States are
allowed to introduce much less stringent policies or absolutely waive liability of the payer in
order to hold present level of consumer safety and promote accept as true with inside the
secure usage of electronic Charge devices besides wherein the payer has acted
fraudulently.133As a result, the directive’s rules on liability constitute a minimum protection
of clients inside the Eco and clients might also revel in a yet higher safety with the aid of
national laws of Member States.

The starting point for allocation of legal responsibility for unauthorized charge transactions
beneath the Eco fee offerings Directive is that the person need to be in charge simplest for a
limited amount except she has acted fraudulently or with gross negligence. Moreover, the
person is not required to cowl any further loss stemming from unauthorized use of a fee tool
After making notification to the provider that the instrument might also were compromised.
As a end result, the precept is legal responsibility of a user for unauthorized transaction made
earlier than notification is restrained except there's fraud or gross negligence. There is in
Principle zero liability of a user after appropriate notification is made to the provider. Those
preferred ideas are supplemented by unique provisions of the Directive. The legal
responsibility regime below the Directive can be categorized into (1) pre and (2) post
notification liability. Earlier than notification of loss, robbery or misappropriation of the price
device, the client bears the losses referring to any unauthorized payment transactions, as
much as a maximum of EUR one hundred fifty, as a result of using a misplaced or stolen
payment device. In addition qualification to the stipulation presents that wherein the
purchaser acted fraudulently or failed to satisfy one or greater of the obligations under Article
fifty six of the Eco price offerings Directive with reason or gross negligence, the customer
bears all of the losses relating to any unauthorized price transactions made earlier than
notification. The duties of the consumer below the availability are to use the charge tool in
accordance with the phrases governing the issue and use of the charge device and to notify

40
the company without undue delay on turning into aware about loss, theft or misappropriation
of the fee tool or of its unauthorized use. A patron is relieved from bearing any monetary
outcome on account of using the misplaced, stolen or misappropriated payment device after
notification except in which she has acted fraudulently. The issuer is required to make certain
that appropriate approach are to be had at all instances to allow the person to make
notification and to offer the person with a way to prove For 18 months after notification that
she has made such notification.139The failure of the provider to take a look at this
responsibility extinguishes the liability of the consumer for the monetary results as a
consequence of using a stolen, lost or misappropriated fee instrument besides where she has
acted fraudulently. One hundred forty consistent with the Eco charge services Directive, a
purchaser who acted fraudulently is at all instances responsible for the entire amount of
unauthorized charge transaction before and after notification of loss, robbery or
misappropriation of the price tool. Even in cases where the provider did not take a look at its
responsibility of supplying appropriate manner of notification, fraudulent consumer is
completely responsible. Besides, Member States are not allowed to set up much less stringent
liability rules than those of the Directive in cases in which the payer has acted
fraudulently.141Hence, the Directive’s regulations on liability of a fraudulent consumer
absolutely harmonize national legal guidelines of the Member States.

7.5 Authorization of Transactions

Within the U.S., a client can only be held accountable for unauthorized EFT within the limits
of the regulation where three ranges of requirements are met by using a monetary institution.
The first is the financial institution has supplied the subsequent disclosures to the client (a
precis of the customer’s liability for unauthorized EFTs, the cell phone number and address
for reporting that an unauthorized EFT has been or can be made and the monetary
organization’s commercial enterprise. Second the access device used to make the EFT
changed into an customary get right of entry to device. An Generic get admission to tool is a
card, code or other method of get right of entry to a customer’s account that a purchaser
requests and gets, or signs and symptoms, or uses or authorizes another to use the access
Tool to switch money between money owed or to achieve money, property or services;
requests validation of the access device even though it was issued on an unsolicited
foundation; or receives an get admission to tool as a renewal or replacement for an standard
get entry to device from both the economic organization that first of all issued the tool or a

41
successor. The 0.33 and the remaining requirement is the monetary group has furnished a
method to identify the consumer because the individual legal to use the access tool. Such
identity can be finished by signature, photograph, or fingerprint or via electronic or
mechanical confirmation.

Patron safety troubles that arise previous to and after the conclusion of an EFT settlement
had been addressed in this thesis. The following are the primary findings of the thesis. The
Requirement of ‘readability’ of terms and situations’ for EFT underneath the Proclamation is
Inadequate. The requirement does no longer prescribe that TOCs have to be without problems
understandable by a client and must be organized in a language that the client knows.
Moreover, it fails to oblige banks to offer customers an EFT agreement in a durable form.
The results of such failure of the NPSP were obvious within the exercise of CBE, which
organized its terms and situations in English and does no longer offer its customers the TOCs
in a durable form. Issuers of charge device in Ethiopia have discretion as to what to disclose
on the time of making the EFT agreement with a client. Although Ethiopian agreement law
dictates that regulations or undisclosed enterprise terms do now not bind the opposite party,
specific requirements applicable to EFT agreement that obliges the issuer to reveal the
important elements of the agreement to a patron are absent in the NPSP.

The legislative and regulatory powers of the NBE vis-à-vis TOCs of EFT have up to now
attained no tremendous safety for clients. Thus far, the financial institution has not enacted
consumer protection directive pursuant to the NPSP. There are not any inner hints which can
be prescribed through the NPSP that ought to be observed by means of the NBE while it
discharges its authority concerning TOCs of EFT. Nor are the elements that must be taken
into consideration via the NBE while it approves TOCs of EFT. The silence of the regulation
leaves a room for arbitrary exercising of the assigned powers. The writer of this thesis
became capable of reap best the TOCs of CBE. Even though it isn't viable to generalize the
NBE’s approach on purchaser safety inside the context of EFT, the take a look at of the
CBE’s terms and conditions have given a few perception on the problem. Even as
summarizing the principle contents of the TOCs of CBE, it become talked about that some of
them are inconsistent with pertinent Ethiopian legislation. Furthermore, the situations offer
for a notably much less (or at times no) safety of purchasers than furnished in patron Safety
law of the U.S. and the eu. As a end result, even though other banks’ TOCs may additionally

42
likely offer higher protection of consumers, it is in all likelihood that such protection is a end
result of the need of the respective financial institution instead of the regulatory oversight of
the NBE. The NPSP does not provide minimal set of rights of consumers of EFT. This has
lead for law of the rights and duties of the parties to an EFT settlement absolutely by means
of the TOCs of a bank concern to the authority of the NBE. The thesis examined the TOCs of
CBE, which provide for limitless legal responsibility of customers for all EFT transactions.
Only written notification of loss or theft of the card or disclosure of the PIN to the bank
relieves the customer from the limitless liability. The legal responsibility regime of CBE has
at the least main drawbacks. First, it neglects the crucial authority of the purchaser vis-à-vis
one’s asset account in a bank by way of making the customer responsible for all transactions
made with a mere use of a card. Furthermore, CBE’s phrases and situations are unfair that
create giant imbalance of rights and responsibilities to the detriment of the consumer. In
particular, the financial institution abstains from contractually venture crucial duties and the
financial loss that can get up out of such abstention is definitely borne with the aid of the
purchaser. Unluckily, those unfair terms are approved by using the NBE and casts doubt on
whether the financial institution considers consumer safety inside the workout of its
responsibilities. Usually, legislative regulation of EFT in Ethiopia within the context of
consumer safety is characterized by means of scattered rules which do now not sufficiently
cope with the problems at hand. Moreover, rights of purchasers that rise up from these
scattered policies are unsure and in most cases relevant by means of manner of interpretation
through courts. Failure of the NPSP to particularly cope with consumer pastimes contributes
immensely for the legal uncertainty. Additionally, although the NBE is lawfully capable of
sell customer protection while it approves TOCs of EFT and when it authorizes others to
operate a machine and issue fee units, the accepted TOCs of CBE discussed on this thesis
display the opposite. The thesis has proved that within the absence of clean legislative limits
(even in which there is regulatory ‘control’), a bank may tend to put together phrases that
notably favour it and harm the pursuits of customers.

7.6. Limitations of the Liability Regime of CBE using DES algorithm

The phrases and conditions of CBE make the cardholder completely answerable for all
transactions at all times (till notification is made) so long as the transactions are made with
the use that card. The consideration for liability isn't whether a given transaction turned into
authorized by the cardholder. Rather it's far whether or not the card issued to the cardholder

43
was used to make the transaction. Strictly speaking, the financial institution is permitted by
using the TOCs to debit the account of the cardholder on the basis of mere use of the debit
card without acquiring authorization of the cardholder. This method completely disregards
the authority a cardholder have to in principle exercise with regard to price commands that
affect one’s asset account. The difficulty of authorization of fee transactions is founded
within the contractual relation between a bank and its client. Essential principle of law
dictates that a patron who has deposited a amount of money in her account is the creditor for
a cash debt or a declare for reimbursement in regards to the provider. The consumer disposes
of her assets by way of cash withdrawals at ATM or by transfers to an account of a third
celebration at POS terminal. By applying for a debit card, the consumer is contractually
authorizing the bank to debit her account with the amount of the transaction each time she
uses the debit card to authorize price or transfer. Without such authorization, the bank can not
debit the account of the cardholder. Importantly, any charge to an account in the arms of
unauthorized 1/3 birthday celebration is no longer equal to discharge of duties of the
company while defining ‘funds transfer’, the Proclamation does stipulate that authorization
have to be obtained to provoke any budget transfer such as POS transfers and ATM
withdrawals. The TOCs of CBE, therefore, neglects the essential detail of the definition of
the Proclamation i.e. ‘authorization to provoke budget switch’. However, the Proclamation
regulates ‘authorization’ inside the context of EFT inadequately for as a minimum multiple
motives. It fails to expressly define while an EFT transaction is taken into consideration
authorized for which the purchaser is liable. In addition, it does not prescribe the form of
‘authorization’ or mandate the parties to EFT agreement agree thereof. As in any rules, but,
different pertinent laws of the united states of America are applicable so long as they may be
not inconsistent with the Proclamation.154Moreover, the TOCs of CBE provide that the
contents therein are construed and its debit card centres are regulated in accordance with
Ethiopian law. As a result, as a way to shield the crucial right of a cardholder vis-à-vis her
account, different applicable laws of the us of a need to be applicable to determine the form
of authorization.

The applicable regulation on this context is the economic Code of Ethiopia (hereinafter
industrial code), which among others deals with negotiable gadgets and banking transactions.
Negotiable instruments consist of bill of exchange, promissory be aware and cheque. Allow
us to awareness on those criminal guidelines regarding validity of cheque, that is a payment
tool like debit cards within the definition of the Proclamation (see art 2(20)). One of the

44
necessities for validity of a cheque is, it should comprise the signature of the person that
draws the cheque.

In the absence of a signature of the drawer of the cheque, the training contained within the
cheque is taken into consideration invalid for which the ‘drawer’ incurs no liability. Wherein
a cheque bears, signatures of people incapable of binding themselves by using a cheque,
forged signatures or signatures of factious individuals, the person on whose ‘behalf’ the
cheque was signed will now not be accountable. Likewise, a person who signs a cheque with
out the authority to do so binds herself as opposed to the character for whom she has no
electricity to act.

The first stipulation implies fraudulent act of a third celebration even as the second
encompasses cases where the 0.33 celebration has no authority (exceeds authority) to sign the
cheque. The general effect of these conditions is that a drawer of cheque or on whose ‘behalf’
the cheque turned into drawn is most effective chargeable for the commands therein in which
she puts her signature on (or in any other case authorizes the commands in) the cheque.
Within the absence of authorization, the ‘drawer’ isn't answerable for any commands made in
that cheque. Those unique regulations on validity of cheque are extension of the general
requirements of signature to authorize charge education regarding negotiable gadgets inside
the commercial Code.

If one adopts these rules of the economic Code on negotiable contraptions in widespread to
Transactions made electronically with the usage of a debit card, the cardholder should be
liable simplest for the ones charge commands that she legal and not for the ones transactions
made with the usage of her card albeit without authorization. Whether the provisions of the
commercial Code on authorization (validity) of negotiable units may additionally extend to
price instruments is the authority of courts. Given the prominence of customer safety, it is
truthful to undertake such interpretation. The customer Authority which has judicial,
administrative and policy making responsibilities has the potential to foyer and have an effect
on the interpretation argued above.

In regards to the shape of authorization, there are differing techniques. Inside the U.S.
authorization is met while the monetary organization has laid a device that identifies a
selected cardholder be it with signature, picture, or fingerprint or through digital or

45
mechanical affirmation. On the alternative hand, the Eco fee services Directive requires
authorization to be received inside the shape agreed among the consumer and issuer. A
hundred and sixty for that reason the exact shape and procedure of authorization may be
agreed between the financial institution and the cardholder or regulated with the aid of
statutes. Guide signature of the cardholder for every charge coaching can be obtained
particularly for POS transfers. Instead, digital authentication of charge practise can be hired
to attain authorization.

A debit electron card transaction at a POS or ATM may be authenticated by keying in the
PIN code and authorized by affirmation of the transaction and beginning the online approval
through pressing the ‘adequate’ key.161Effective access of an access device or card and use
of the ideal code or PIN is considered as legitimate authentication though there are some
arguments that such authentication isn't always equal to manual signature in identifying the
signee.162In any case, mere card authentication unsupported by using either compliance with
a security technique or a guide signature, is incapable of making a linkage to the consumer to
be made dependable

8. CONCLUSION AND RECOMMENDATIONS

The neglect of protection of clients all through the regulation of the NPSP is reasonably
Comprehensible due to the fact the patron Proclamation, that is the first of its kind in
Ethiopia, is most effective a 12 months older than the NPSP. It took about 10 years to enact
the NPSP after the introduction of the first ATM by using CBE. In both the eu and the U.S.,
EFT carrier preceded purchaser safety law. But, revel in of those jurisdictions and more
importantly the findings of the thesis are alarming that leaving the matter completely to
settlement pose a serious patron protection issues. Advent of recent systems that aren't best
useful to the concerned parties (purchasers and banks) however additionally to the general
economic system ought to be supported by way of sturdy legislative and regulatory measures.
It is for that reason that the Travaux-Préparatoires of the NPSP states that the objective of the
regulation is to sell a secure and green payment device that is price efficient for you to
enlarge financial reach of banks to the general public of unbanked Ethiopians and to
encourage saving and foster investment. Within the opinion of the author, these kind of

46
Goals can best be executed by building customer self-belief in the new device. Legislative
movement is the first and principal step to benefit client self-assurance. We ought to not wait
another ten years for such legislation as there is an acute need for customer safety within the
region. This may truly be attained without a need to repeal or amend the Proclamation
commonly due to the fact the NBE has legislative authority which can be validly exercised to
enact a comprehensive patron protection directive. An top-quality consumer safety rules
ought to take due account of the precise situations of the united states of America and the
stories of other jurisdictions. It became with this cause that the pertinent law of the U.S. And
the European were used all through the thesis. The author recommends a patron protection
legislation which sets out rights of customers that can't be derogated through contract.
Furthermore, banks need to be required by way of regulation to reveal essential factors of the
settlement particularly regarding legal responsibility of purchasers for unauthorized
transactions, smartphone number and deal with of the financial institution, its business days,
relevant charges, rights of the patron to documentation, a précis of the consumer’s proper to
forestall charge of a preauthorized EFT, liability of the institution, confidentiality of client
facts and errors resolution. Moreover, banks need to be required to offer clients the TOCs in a
long lasting shape. Legislative distinction must be made among authorized and unauthorized
EFT. Therefore, the endorsed consumer safety legislation should limit the liability of
customers for unauthorized transactions to a positive felony ceiling. The ceiling should be
difficult sufficient to make clients take all reasonable measures to save you unauthorized
transfers but honest sufficient now not to punish clients excessively. The average earnings of
maximum clients, the common maximum each day EFT restriction imposed by banks, the
probability of unauthorized transactions within the united states of America and banks’
protection measures concerning payment units are the recommended elements that must be
taken into consideration in determining the most restrict of legal responsibility of consumers
for unauthorized EFT. Even though consideration of negligence of the customer in allocation
of legal responsibility for unauthorized EFT may additionally set off the consumer to have a
look at her obligations vis-à-vis the price instrument (as in the Eco), the litigation difficulty of
who has to show first and who have to prove what may additionally outweigh the benefit. As
a end result, the author recommends consideration of handiest the promptness of the
consumer (as within the U.S.) in making notification of loss or robbery of the cardboard or
disclosure of the PIN to a third birthday celebration in allocation of legal responsibility for
unauthorized EFT.

47
Rather, if negligence of the patron is taken as additional attention, procedural forty seven
safeguards that defend the client and cope with the imbalance of litigation strength between
the purchaser and the bank have to be put in area.

TABLE OF REFERENCE

Conventions, statutes and more

NPSP - National Payment System Proclamation of Ethiopia, Addis Ababa 2011
CPP - Consumer Protection and Trade Practices Proclamation of Ethiopia 2011
CC - Civil Code of Ethiopia, Addis Ababa1960
CMC - Commercial Code of Ethiopia, Addis Ababa
MABD - Mobile and Agent Banking Directive of Ethiopia, Addis Ababa
NEP - Proclamation for the Establishment of the National Bank of Ethiopia, 2008
Directive The EU Payment Services Directive 2007/64/EC OF THE EUROPEAN
PARLIAMENT AND OF THE COUNCIL of 13 November 2007 on payment services in the
internal market
EEC 93/13 The European Council Directive 93/13/EEC on Unfair Terms in Consumer
Contract
Act Electronic Fund Transfer Act, 15 U.S.C. §§ 1693-1700 (1978)
Regulation E Regulation E, 12 C.F.R. § 205 (amended 1981)

48
Travaux Préparatoires for the National Payment Systems Proclamation Prepared by the
National Bank of Ethiopia
Books and articles
Bank for International Settlements, Committee on Payment and Settlement Systems: Clearing
and Settlement Arrangements for Retail Payments in Selected Countries. Basel, (2000)
Bank for International Settlement, Committee on Payment and Settlement Systems: Policy
Issues for Central Banks in Retail Payments, Basel, (2003)
Commission Staff Working Document. Report on fraud regarding non cash means of
payments in the EU: the implementation of the 2004-2007 EU Action Plan
http://ec.europa.eu/internal_market/payments/docs/fraud/implementation_report_en.pdf
accessed on 12,06,2013
49
Electronic Funds Transfer and Consumer Protection. Edited by Bourgoignie Th. And Goyens
M. Brussels, (1990)
Ellinger E.P., Lomnicka Eva and Hare C.V.M. Ellinger’s Modern Banking Law (2011)
Europol Situation Report. Payment Card Fraud in the European Union- Perspective of the

REFERENCES

1) C.H.Meyer, S.M.Mat.yas,R.E.Lennon, “Required Cryptographic Authentication criteria

for Electronic Funds Transfer System”, CH1629-5/81/089, IEEE, in 1981.

2) Dan Zhu, “Security control in Inter-Bank Fund Transfer”, Journal of Electronic Commerce
Research, VOL. 3, NO. 1, 2002.

3) Q.V. Lawande, B. R. Ivan, S. D. Dhodapkar, Chaos Based Cryptography: A New

Approach to secure Communications,Asian aerosol conference (AAC) No. 258,July 2005.

4) Mintu Philip,Asha Das, “Survey: Image Encryption using Chaotic Cryptography

Schemes”, IJCA Special Issue on “Computational Science - New Dimensions &
Perspectives” NCCSE, 2011.

5) Palmer, J. W. and Griffith, D. A. “An Emerging Model of Web Site Design for
Marketing”, Communication of the ACM, Vol. 41, No.3, pp. 45-51, 1998.

Law Enforcement Agencies (2012)

49
https://www.europol.europa.eu/sites/default/files/1public_full_20_sept.pdf accessed on
12,06,2013
Furletti, Mark and Smith, Stephen. The Laws, Regulations, and Industry Practices That
Protect Consumers Who Use Electronic Payment Systems: Credit and Debit Cards (2005)
Geva, Benjamin. Payment Transactions under the EU payment Services Directive: A U.S.
Comparative Perspective. In: Penn St. Int'l L. Rev. Volume 27(2008-2009)
Geva, Benjamin. Consumer Liability in Unauthorized electronic funds transfers. In: Canadian
Business Law Journal. Volume 38 (2003)
Geva, Benjamin. Law of Electronic Funds Transfer 2000
Krzeczunowich, George. Formation and Effects of Contracts in Ethiopian Law (1983)
Law of Bank Payments. Edited by Brindle Michael, Cox Raymond and Coleman Richard.
London, (2010)
OECD. Report on Consumer Protection for Payment Cardholders. Digital Economy Papers
No 64 (2002)
Rosenberg, Arnold. Better than cash? Global Proliferation of Debit and Prepaid Cards and
Consumer Protection Policy: In: bepress Legal Series paper 766 (2005)
White Paul and Islam Sardar. Formulation of Appropriate Laws: A New Integrated
Multidisciplinary Approach and an Application to Electronic Funds Transfer Regulation
(2008)
World Payment Report 2011, found at
http://gbm.rbs.com/docs/gbm/insight/gts/perspectives/WPR_2011.pdf accessed on 12, 06,
2013
50
Worku, Gardachew. Electronic-Banking in Ethiopia- Practices, Opportunities and
challenges. In: Journal of Internet Banking and Commerce. Volume 15 No. 2 (2010)
http://www.combanketh.et/EPayment/CardBanking.aspx visited on 21.07.2013
http://www.unitedbank.com.et/ visited on 05.06. 2013
http://www.fanabc.com/index.php?option=com_content&view=article&id=4286:2013-06-29-
10-17-39&catid=103:2012-08-02-12-34-36&Itemid=235 visited on 30.06.2013

50