Safaricom, Kenya’s largest telecoms operator, plans to increase knowledge minimisation throughout its cellular cash service M-PESA by late 2026, increasing controls that restrict the publicity of buyer telephone numbers in cellular cash transactions.
The change will cowl financial institution transfers and service provider funds, in line with the telco’s chief monetary providers officer, Esther Waititu, who spoke on Wednesday on the firm’s Nairobi headquarters.
“Later within the yr, we can be working with banks to guarantee that that knowledge can also be masked, as a result of we are able to’t be doing it in a single space after which omitting the opposite,’ Waititu stated.
The transfer targets one of the vital frequent methods private knowledge is misused in Kenya’s funds system, the place telephone numbers shared in transaction alerts are later reused for spam, advertising and marketing and fraud. Extending masking to service provider funds and cross-platform transfers cuts off a significant supply of such knowledge at scale.
The rollout builds on an earlier replace scheduled for March 24, when Safaricom will start masking a part of a sender’s telephone quantity in peer-to-peer M-PESA transactions. The following part targets service provider funds, one of many most important areas the place buyer knowledge continues to be broadly uncovered.
Purchase Items and Paybill, Safaricom’s cashless cost providers that deal with a big share of on a regular basis transactions, usually ship retailers SMS confirmations that embrace prospects’ full telephone numbers.
Small companies depend on these alerts to trace gross sales and make sure funds. The identical numbers are sometimes reused to ship promotional messages or shared past the unique transaction, making service provider funds a key supply of unsolicited advertising and marketing.
Prospects will nonetheless full funds and retailers will proceed to obtain affirmation, however full telephone numbers will not seem in SMS alerts. This limits how simply private knowledge will be collected and reused exterior the transaction.
The enlargement can even embrace cross-system funds. Transfers between M-PESA, banks, and different cellular cash providers, resembling Airtel Cash, cross by a number of platforms, every of which creates some extent the place knowledge will be seen or saved.
Making use of the identical limits throughout these flows will scale back publicity at every stage and set up a typical commonplace for suppliers dealing with the transaction, Waititu stated.
The size of M-PESA means the change can be broadly felt, because the service processes 37 million day by day peer-to-peer transactions price KES 27 billion ($209 million), out of a complete of 137.9 million transactions valued at KES 118 billion ($914 million).
Safaricom’s knowledge minimisation push has developed over a number of years. It started in 2020 with Pochi La Biashara, a product designed to permit small merchants obtain funds with out exposing full buyer particulars. In 2021, the corporate diminished inside entry to buyer knowledge.
A yr later, it trimmed private info from M-PESA statements. By 2023 and 2024, comparable controls had been added to merchant-facing APIs utilized by giant organisations, earlier than extending to peer-to-peer transactions in 2026.
Extending the identical method to service provider funds closes one of many most important remaining gaps. It additionally creates new operational strain for companies that depend on telephone numbers to reconcile transactions or observe up with prospects. With out that identifier, retailers could have to rely extra on transaction codes or inside techniques to match funds.
“If you concentrate on safety and security, there’s all the time some degree of inconvenience. Folks have constructed habits round how they work together with one another, however it’s extra necessary to maintain everybody protected,” stated Peter Ndegwa, Safaricom CEO.
Waititu stated dispute administration is more likely to be the most important danger because the change rolls out, as companies regulate to resolving cost points with out full entry to buyer telephone numbers.
“The principle danger can be dispute administration. The method would require a further step, which may introduce some friction. We’re working to handle that by guaranteeing entry to info the place all events are in a position to consent,” Waititu added.
Elevate your perspective with NextTech Information, the place innovation meets perception.
Uncover the most recent breakthroughs, get unique updates, and join with a worldwide community of future-focused thinkers.
Unlock tomorrow’s developments at the moment: learn extra, subscribe to our e-newsletter, and turn into a part of the NextTech group at NextTech-news.com
