In Kenya, the adoption of digital technologies has seen an increase in cybersecurity threats and risks.
This has been primarily due to the rapid adoption of digital systems, remote working without adequate attention being paid to the security of computer systems and devices, and increasing awareness of people on the appropriate measures to protect themselves online from cyber threats and risks.
Data from the National Kenya Computer Incident Response Team found that between July – September 2021, it detected 143,040,599 cyber threat events, a 268.883% increase from the 38,776,699 threat events detected in the previous period, April – June 2021.
Mobile money services have become more popular due to more businesses, such as banks and organisations digitising their processes. For instance, between March 2020 and October 2022:
One, the number of Kenyans actively using mobile money increased by over 6.2 million.
Two, the monthly volume and value of Peer to Peer (P2P) transactions increased from 162 million transactions worth Ksh.234 billion to 440 million transactions worth Ksh.399 billion, an increase of 171 per cent and 71 per cent, respectively.
In Kenya, Safaricom PLC identifies its business’ key pillars, including being a ‘Financial Services Provider’.
M-PESA is a mobile phone-based money transfer, payments and micro-financing service launched in 2007 by Vodafone Group and Safaricom.
M-PESA service allows users to deposit money into an account stored on their cell phones, to send balances using PIN-secured SMS text messages to other users, including sellers of goods and services, and to redeem deposits for regular money.
The service allows P2P transfers and withdrawals, payment options, and connectivity to formal banking and credit access. It has also facilitated international transactions and deepened financial inclusion in the country.
As a result, Safaricom has put in place measures to protect its customers from fraudulent or unauthorised transactions, including:
Protect self from a SIM-swap attack
SIM swap occurs when someone gains a mobile number; a fraudster convinces your cellular provider to transfer your phone number to a different SIM card, usually one in their possession.
Safaricom has the *100*100# that empowers its customers to lock their phone numbers from unauthorised swaps.
As a result, the code, *100*100#OK, lock the subscribers’ number in that no one can replace the SIM from any agent shop without their knowledge.
Check Phone Numbers Registered with your ID Number
Safaricom introduced a Short Message Service (SMS) 106# USSD code allowing customers to check whether they are registered to more than one phone number.
How to use the *106# Service
- Dial *106# on your Safaricom mobile phone
- From the list, select “Check registered numbers”
- Safaricom will display and send you an SMS with phone numbers registered using your identification.
Safaricom has created a free service to report suspected fraud on its network.
What you need
- The suspect’s number trying to defraud you.
- A working Safaricom line.
How to Report Mpesa Fraudsters
- Go to Message on your phone.
- Compose a New SMS or Message.
- Write a message quoting the fraudulent number and request Safaricom to investigate.
- LSend the Message to 333.
Additional safety tips to keep in mind
- Enable biometric authentication on your device
- Never give or share your sim pin
- Do not use public wifi when making mobile transactions. Use your bundles.
- Use strong passwords and security questions.