Shah said that the longer-term solution to the threats is to migrate to chip-and-PIN cards, expected to be in place from the last quarter of this year.
The Central Bank report details the benefits of technology in delivering valuable services in the banking sector but does not include ways the law, banking rules and regulations will be amended to reflect changes in the sector.
"Our legislation governing payments and banking is still largely based on the assumption of a paper-based system, whilst there has been some progress to give digital transactions recognition under law, a lot more needs to done to facilitate the growth of a digital economy," added Shah.
One of the major challenges Kamau identifies is that the banks are audited by international security firms, yet they continue to have vulnerabilities, leading local security experts to question the methodologies applied by the firms during the process.
Lack of public awareness on phishing scams and malware attacks were also identified as major threats by the Central Bank. In most cases, banks protect their online banking platforms with SSL certificates and then require end users to authenticate their IDs before each transaction but end users do not always contact the bank even when their browsers report untrusted certificates, which indicates phishing or breach.