Because the inception of Safaricom’s cellular cash platform M-Pesa in 2007, each time a consumer sends cash, pays for gas, groceries, or a boda boda trip, they go away behind their cellphone quantity, which seems within the transaction notification despatched to the receiver or service provider. That quantity could possibly be saved, shared, or offered to malicious actors concerned in SIM swap fraud.
For the over 37 million Kenyans who use the platform, it’s a attainable hyperlink in a sequence that, in some instances, has ended up in clients dropping their funds to scammers.
On Friday, the Central Financial institution of Kenya (CBK) authorised Safaricom’s long-awaited request to cover cellphone numbers of customers at any time when they make funds.
The choice marks a major shift in digital privateness for the platform’s customers and a direct intervention right into a fraud risk that has fueled hundreds of scams within the nation.
“That is to tell you that the CBK has reviewed your software and submissions in assist of the answer and approves your request to implement knowledge minimalisation for peer-to-peer transactions,” CBK mentioned in its letter to Safaricom.
Below the brand new system, cellphone numbers might be partially masked in peer-to-peer transfers. If a recipient desires to see the complete quantity, they must request it—and the sender can both consent or decline.
The characteristic may even forestall retailers from seeing the payer’s full identify or cellular quantity when settling payments or shopping for items through the platform’s Until or Paybill numbers, chopping the visibility of private info, which has been a degree of concern for tens of millions of customers.
Rising fraud threats
The implications of easy-to-find cellphone numbers have been stark. In 2025, the Directorate of Legal Investigations (DCI) arrested six cybercrime suspects in Mombasa who ran a scamming ring within the coastal metropolis. In line with DCI, the scammers used ID spoofing purposes—paid for with over KES 500,000 ($3,875)—to impersonate financial institution and telco customer support brokers.
Utilizing cellphone numbers harvested from authentic transactions, they may persuade victims they had been chatting with a trusted official, coaxing out PINs and passwords.
SIM-swap fraud has additionally change into some of the damaging crimes in Kenya’s mobile-first economic system, exploiting the truth that a cellphone quantity doubles as a financial institution username and cellular cash account. Fraudsters trick or bribe telecom brokers into transferring a sufferer’s quantity onto a brand new SIM card, locking the authentic proprietor out of their line.
As soon as that has been performed, they reset cellular banking and M-Pesa PINs, intercept one-time passwords, and drain accounts inside minutes. The dimensions of the risk has repeatedly drawn warnings from the Communications Authority of Kenya and the Central Financial institution of Kenya, in addition to tighter SIM registration guidelines and stronger buyer verification necessities.
Kenya’s Excessive Court docket has additionally awarded damages to customers over unwarranted contact and spamming by non-public corporations. For example, it’s common for native companies to ship promotional messages to clients who pay through cellular cash.
Regulators are actually tightening expectations round how digital monetary companies deal with private knowledge. In 2024, monetary and insurance coverage corporations accounted for an estimated 30% of determinations issued by the Workplace of the Information Safety Commissioner (ODPC), with over 5,000 complaints filed.
Elevate your perspective with NextTech Information, the place innovation meets perception.
Uncover the newest breakthroughs, get unique updates, and join with a world community of future-focused thinkers.
Unlock tomorrow’s tendencies at present: learn extra, subscribe to our publication, and change into a part of the NextTech group at NextTech-news.com
