The Central Bank of Nigeria (CBN) has mandated the geo-tagging of all Point of Sale (PoS) terminals across the country as part of fresh measures to strengthen oversight and curb fraud in the electronic payments space.
The geo-tagging directive by CBN for PoS devices would mean that they can only be used in the specific locations where they are registered. This would limit their mobility and restrict their use to designated areas, likely requiring changes in business models, especially for sectors like transportation or logistics that rely on flexible device locations.
The director of Payments System Supervision, Dr. Rakiya O. Yusuf, in a circular addressed to Deposit Money Banks (DMBs), Microfinance Banks (MFBs), Mobile Money Operators (MMOs), Switching and Processing Companies, Payment Terminal Service Providers (PTSPs), Payment Solution Service Providers (PSSPs), Super Agents, and other licensed operators dated August 25, 2025, also directed all operators in the payments ecosystem to complete migration to the ISO 20022 messaging standard on or before October 31, 2025.
The circular also directed that all existing and newly deployed PoS terminals must come with native geolocation services enabled through double-frequency GPS receivers, and be registered with a Payment Terminal Service Aggregator (PTSA) using accurate latitude and longitude coordinates of merchants’ business locations.
It further directed that Android OS version 10 will serve as the minimum requirement for all terminals to ensure compatibility with the National Central Switch’s geolocation monitoring and geofencing system.
“Terminals not directly routed to a PTSA are not permitted to transact, while geo-location data must be captured at the initiation of every transaction and included in the message payload as a mandatory reporting field,” the CBN circular stated.
The circular added that all existing terminals must be geo-tagged within 60 days, while new ones must be geo-tagged before certification and activation.
Noting that it would begin compliance validation exercises from October 20, ahead of the October 31 deadline, CBN said the migration aligns with SWIFT’s global timeline and is intended to standardise transaction data, strengthen oversight, and ensure Nigeria’s payment system meets international best practices.
“All payment transaction messages exchanged domestically or internationally must be formatted in ISO 20022 in line with CBN and SWIFT specifications,” the circular stated, stressing that all in-scope institutions must achieve full compliance before the October deadline.
“All licensed operators are hereby reminded that ISO 20022 is the standard for payment messaging to support Nigeria’s payments objective of ensuring standardized quality data.
“All payment transaction messages exchanged domestically or internationally must be formatted in ISO 20022 in line with CBN and SWIFT specifications. All Institutions shall ensure complete and accurate population of mandatory data elements, including payer/payee identifiers, merchant/agent identifiers, and transaction metadata. All in-scope institutions must complete migration activities and be fully compliant not later than October 31, 2025.”
On the geo-location on POS terminals, the circular directed that “all existing and newly deployed payment terminals must have native geolocation services enabled, with Double-Frequency GPS receivers for reliable geo-location service.
“All payment terminals must be registered with a Payment Terminal Service Aggregator (PTSA) with accurate latitude/longitude coordinates indicating the Merchant/Agent place of business/service and status. All Operators (PTSAs, PTSPs, PTADs, Acquirers) are to ensure their Pos Terminals and Applications are duly certified by the National Central Switch to align with the listed standards.
“As part of the Certification process, all payment terminals must have the National Central Switch SDK for Geolocation monitoring and Geofencing implemented within the libraries of its PoS Application. Android Operating System (OS) v10 is the minimum OS requirement across all terminals to ensure compatibility and seamless integration with the National Central Switch Geolocation SDK. The SDK for geolocation monitoring must be initialized at the registered business/service location.
“A radius of 10 metres outside the registered business/service location is the permitted geofence for all merchant activity. Geo-location data must be captured at transaction initiation and included in the message payload as a mandatory reporting field. Terminals not directly routed to a PTSA are not permitted to transact. All existing terminals and newly registered terminals must ensure strict adherence always to approved MSC code per sector. All existing terminals must be geo-tagged within 60 days of this circular; new terminals going forward must be geo-tagged before certification and activation,” CNN stated.
