A private company called NINCard Limited has been providing identity-related services to Nigerians without a licence from the National Identity Management Commission (NIMC), the agency legally empowered to manage such services.
NINCard allows users to print National Identification Numbers (NIN), update their NIN slips and make changes to personal information. All of these services are meant to be reserved for NIMC or its licensed partners.
Despite presenting itself as a legitimate solution to delays in the identity system, NINCard is not listed as a Front-End Partner (FEP) on the NIMC website.
Front-end partners (FEPs) are third-party service providers licensed by NIMC to handle National Identity Number (NIN) enrolment services at the grassroots level.
They act as an extension of NIMC, facilitating the registration process for individuals across various locations, including those in hard-to-reach areas.
NIMC did not also list the business as one of its NIN verification clients as it does banks, data processing agencies, telecommunication services and other relevant entities.
READ ALSO: How CBN, Edo, Other Govt Sites Leak BVNs, Personal Data of Nigerians
REGISTERED BUT NOT AUTHORISED
NINCard was registered with the Corporate Affairs Commission (CAC) on October 26, 2023, with RC number 7196466. It lists Oladejo David Adedeji as the individual with significant control.
The company operates a website at nincard.com where users can pay for NIN-related services such as card printing, retrieval of lost NINs, reactivation of suspended records, generating digital NIN slips and modifying or verifying their details.
The domain was registered on September 24, 2023, through NameCheap, and protected with full privacy settings. This means the actual names and contact details of those behind it are hidden.
Although NINCard has CAC registration and a professional-looking platform, it is not licensed by NIMC.
LEVERAGING ON NIMC’S FAULTS
NINCard has an active presence on social media, especially on X (formerly Twitter), where it targets users who complain about NIMC’s poor service.
FIJ observed the company actively responding to such posts and offering to assist disgruntled Nigerians on October 29. It also operates a WhatsApp contact line, which Truecaller links to the name Manga Gazgenu.
The company markets itself as a faster and more efficient alternative to the official options, often appealing to frustrated Nigerians who have faced delays and difficulties with NIMC.
MIXED RESULTS, OFFICIAL WARNINGS
Some Nigerians say the company delivered on its promises. For instance, Bikame and Jimoh X claimed they got the services they paid for.
However, others said they were scammed. Some Nigerians reported paying for services that were never rendered.
READ ALSO: After FIJ’s Story, NIS Silently Fixes Loophole That Exposed Applicants’ Data
In July 2024, NIMC issued a public warning to Nigerians, stating clearly that NINCard was not licensed and should not be patronised.
When contacted by FIJ on Thursday, Kayode Adegoke, spokesperson for the commission, said there had been no data breach on NIMC’s end. He claimed that any leaks might have come from users not securing their data or from third-party handlers being careless.
READ ALSO: EXCLUSIVE: Nigerians’ NINs, BVNs, Photos Still for Sale Online. I Bought 4 With Just N560
WHAT DOES THE LAW SAY
NINCard’s operations may have violated several Nigerian laws.
Under Section 14 of the NIMC Act, 2007, only NIMC and its licensed agents are permitted to register individuals or offer NIN-related services.
Section 18 prohibits any unauthorised access to the National Identity Database, while Section 30 makes it a criminal offence to use information from the database without lawful authority.
Penalties include a fine of up to N1 million, imprisonment of up to three years, or both.
The Nigeria Data Protection Act, 2023, also makes it unlawful to process personal data — especially biometric or identity-related information — without legal authorisation or clear user consent. Violations of this Act could attract fines of up to N10 million, 1% of a company’s gross annual revenue, or criminal prosecution.
Under the Cybercrimes Act, there are more risks. Section 6 prohibits unauthorised access to computer systems and networks, which would include the national identity database.
Section 22 criminalises identity theft and impersonation, which may cover the issuance of fake or fraudulent NIN slips. Offenders risk fines of up to N7 million or three years in prison.
Furthermore, NIMC’s 2017 Regulations on Registration of Persons and Licensing of Agents state clearly that only authorised vendors may operate enrolment systems or connect to the central NIMC infrastructure. NINCard does not meet these requirements and, as such, may be operating in breach of multiple laws.
READ ALSO: REPORTER’S DIARY: I Only Swapped Digits on Immigration’s URL. It Gave Me Private Data of Nigerians
WHY THIS PUTS NIGERIANS AT RISK
Using unlicensed platforms like NINCard puts ordinary Nigerians in danger. Without regulation or oversight, there is no guarantee that users’ data are being handled safely or responsibly.
People who submit their full names, biometric data and national identification numbers to unauthorised handlers risk falling victim to identity theft, financial fraud or long-term data abuse.
Since NINCard is not recognised by the Nigerian government, victims would have no official channel for redress if anything goes wrong.
The post NINCard Illegally Provided ID Services. NIMC Knew 13 Months Ago but Didn’t Shut It Down appeared first on Foundation For Investigative Journalism.