As M-PESA celebrates its 19th anniversary this March, Safaricom is making a massive change to how our transaction messages look. Following the recent milestone of hitting 40 million monthly active users, the telco’s CEO has announced a major privacy enhancement: sender phone numbers will now be masked in P2P (person-to-person) Send Money transactions.
We already knew this was the direction Safaricom was heading. Just earlier this month, the Central Bank of Kenya (CBK) approved phone number masking for Lipa na M-PESA Till and Paybill numbers. I just didn’t expect it on P2P transactions. But it seems the privacy net is expanding to everyday users.
How the new masking feature works
According to the CEO’s statement released today, the goal is to minimize the personal information shared during transactions, aligning closely with Kenya’s evolving Data Protection Act maturity.
I’ve taken a close look at the promotional image Safaricom provided, and here is exactly what your M-PESA SMS will look like moving forward:
- The sender’s name remains visible: If Jane Doe sends you money, you will still see “JANE DOE” in the message.
- The number is redacted: Instead of showing the full
0702xxx507as usual, the middle digits will be replaced with asterisks (e.g.,0702***507).
But what if you actually need the sender’s full number to call them back or verify a payment? Safaricom has built in a consent-based request system.
The recipient can initiate a request to Safaricom for the full details within 24 hours of the transaction. The sender will then receive a prompt on their phone asking if they approve sharing their full details with the recipient. Lastly, the sender has 2 hours to respond. If they accept, the recipient gets an SMS with the unmasked number. If they decline or simply ignore the prompt for 2 hours, the request dies there.
Safaricom says this feature will officially launch by the end of this month, with plans to roll it out to the rest of the M-PESA ecosystem in subsequent phases.
Personally, I think this is a brilliant and long-overdue feature for protecting user privacy against scammers who scrape numbers from M-PESA transactions. However, as with all strict data protection measures, overcorrection can sometimes break the user experience, which leads us perfectly into a bizarre situation currently unfolding with M-PESA statements.
