Good news for Capitec clients

Capitec has introduced a new “Contact Lock” feature to enhance security on its banking app by generating an encrypted digital fingerprint of a user’s phone contacts.

The National Financial Ombud Scheme (NFO) has warned South Africans that fraudsters are increasingly targeting banking apps, with one victim losing as much as R500,000.

The NFO has recorded a steep 73% increase in digital banking fraud complaints, jumping from 1,436 cases between January and May 2024 to 2,483 during the same period in 2025.

Between January 2024 and May 2025, digital fraud complaints exceeded ATM fraud cases by 3,350 incidents, indicating a clear shift from physical to virtual card fraud.

Capitec’s new Contact Lock feature, introduced in Q3 2025, is aimed at tackling fraud and making its banking app more secure.

Capitec’s chief technology officer, Andrew Baker, told Daily Investor that the feature works by creating a unique digital fingerprint of a client’s phone based on random contacts stored in their address book.

“It turns your personal contact list into an invisible security shield, ensuring that your banking app only works on your actual phone – not just any phone with your login details,” Baker explained.

When a client logs into your Capitec app, the system captures an electronic signature (a unique digital pattern) of random contacts in their phone book, which is then encrypted.

“The app periodically re-scans and updates this signature to account for any contacts you’ve added, deleted, or modified. This means the system always has a current ‘snapshot’ of what your contact list looks like,” Baker said.

If someone attempts to log into a Capitec account on a different phone, Baker said the app immediately compares the contact list signature on that device with the registered signature.

“If the contacts don’t match, it could indicate that a fraudster might be accessing your banking app without your contacts. Our app recognises this as suspicious activity and blocks access to your account,” he explained.

“This creates a powerful additional security barrier because, even if someone steals your login credentials, they still can’t access your account via the app on their own device.”

How Capitec keeps its app safe

According to Baker, Capitec has also introduced a number of other features to make its banking app more secure. One of these is the call verification feature, which shows the client whether they are on a call with Capitec or not.

“If a scammer is calling a client, impersonating Capitec, the client is able to verify this by opening their app,” Baker said.

“If a green message appears at the top of the screen, that means the call is from us. If the message is red, that means we can’t verify the call, and it’s likely a scam.”

The “bad beneficiary feature” identifies and notifies clients of high-risk recipients and beneficiaries who have been reported for fraud.

“When a client tries to pay a high-risk recipient, they will immediately receive a warning. If a beneficiary has already been reported for fraud, our system blocks the transaction before the money leaves the client’s bank account,” he said.

“Even scammers who open brand-new accounts at other banks can be identified and blocked if there are confirmed fraud reports linked to them.”

Another feature on the bank’s app is the “custom AI warning feature”, which Baker said alerts clients to potential investment scams.

It does so by notifying them of unusual transactions being made to that beneficiary and initiates security screening questions that prompt the client to think critically before making the payment.

Finally, Baker said Capitec has introduced the “security checkpoint feature”, which adds a security delay at critical moments to protect the account from unauthorised access.