Safaricom Introduces Masked Transactions in M-PESA Overhaul

Every day, more than 37 million M-PESA transactions flow between various customers and businesses. 

Until now, each of those person-to-person transfers carried a complete trail of personal information, including the sender’s full three names and full mobile number, visible to whoever received the funds. That is changing.

Safaricom has begun rolling out a data minimisation update to M-PESA’s Send Money service, a measure that will partially mask the sender’s phone number in transaction notifications. 

Instead of displaying a full number like 0722002100, recipients will now see a masked version, 0722***100, alongside only two of the sender’s names.

A photo collage of Nairobi and a person reading an M-PESA message, April 2, 2026.

Photo

Kenyans.co.ke

The change, which was first piloted in March, affects the largest single category of M-PESA activity, accounting for 64 per cent of all transactions on the platform. 

Safaricom frames the change as proactive alignment with the Data Protection Act 2019 rather than a response to any regulatory finding or complaint. 

According to Safaricom, 14.1 million customers actively use the peer-to-peer Send Money feature on a daily basis. 

For a platform that has become the circulatory system of Kenya’s informal and formal economy alike, even small changes to how data is displayed carry consequences for millions of people. This update, the company says, is about reducing those consequences deliberately.

At its core, the policy reflects a principle increasingly embedded in global privacy frameworks: that systems should collect and display only the minimum personal data required to fulfil a function. 

The recipient of a mobile money transfer needs to know that money has arrived and from whom, but Safaricom argues that they do not need a fully exposed phone number to confirm either of those things. 

Two names and a partially visible number are sufficient for identification while meaningfully reducing the data that can be captured and reused.

With this move, Safaricom expects to block transaction SMS messages from being used as a harvesting ground for fraudsters, who collect numbers from incoming payment notifications to build target lists for scam calls and social engineering. 

How to Verify Transactions

For recipients who have a legitimate need to contact a sender, to confirm a payment query or verify an identity, Safaricom has introduced a consent-based verification mechanism accessible via short code 334. 

Through this system, a recipient can request that the sender share their full details. 

The sender receives an SMS asking whether they wish to disclose their name and number in full; if they agree, the recipient receives the information. 

If they decline, the recipient is notified of that decision. 

Each request is tied to a single transaction and expires after 24 hours, placing the disclosure decision firmly in the hands of the person whose data is at stake.

The move sits within a broader, multi-year trajectory. Safaricom introduced data minimisation to its Pochi la Biashara product in 2020, extended it to internal staff data viewing in 2021, applied it to M-PESA statements in 2022, and rolled it out across Buy Goods and Pay Bill API transactions before arriving at person-to-person transfers. 

The Send Money update represents the highest-volume application of the principle yet, and, given that it touches the most intimate layer of mobile money use, arguably the most significant.

A graphic showing the importance of partial masking of phone numbers on M-PESA transactions, April 2026.

Photo

Safaricom