For years, millions of Kenyans have used M-Pesa to send and receive money daily, often without thinking twice about the information shared in the process. Every transaction reveals names and phone numbers. But according to Safaricom CEO Peter Ndegwa, this has quietly created room for fraud and misuse of data.
To solve this, the telco is set to roll out a new Person-to-Person (P2P) data minimisation feature on March 24, 2026.
For the first time, users will have more control over what personal information is shared during MPESA transactions.
How Safaricom’s person-to-person System Will Work
Under the new system, less of your personal data will be visible by default.
When you send money:
- Only your first and last name will be displayed for identification.
- Your full phone number will be masked..i.e 0716***123.
This means that even after completing a transaction, the recipient won’t have full access to your contact information unless you allow it.
How Users Can Verify Transaction Details
To maintain trust between users, Safaricom has introduced a verification option.
If a recipient wants to confirm the sender’s full details:
- They can forward the transaction message to 334 within 24 hours
- The sender will receive an SMS request
- The sender can then choose to approve or decline sharing their full name and mobile number
This ensures that verification is still possible, but only happens with user consent
Why this matters to everyday Kenyans
Think about it.
A boda rider, a small business owner, or even a student can send money to multiple people in a day. Each time, their phone number is shared, sometimes ending up in the wrong hands.
That’s where problems begin:
- Unwanted calls after paying a shop
- Fraudsters using your number to target you
- Personal details being stored without your knowledge
Ndegwa emphasized this reality during a media briefing on March 18, noting that fraud often starts with information people freely give out, whether it’s phone numbers, IDs, or transaction details.
“Beyond transactions, we must be conscious of how we leave our personal information,” he said.
What about businesses?
For businesses, especially small traders and merchants, this shift is also significant.
Previously, merchants could see a customer’s full phone number after a payment. But under the new system, that visibility will be limited—reducing unnecessary exposure of customer data.
This could help curb issues like:
- Customers receiving unsolicited marketing messages
- Misuse of personal contact details
- Data being collected without clear consent
At the same time, Safaricom is trying to strike a balance, ensuring transactions remain smooth while protecting users.
The real challenge: changing behavior
While the technology is new, the bigger shift is human.
Many Kenyans are used to casually sharing personal information, writing phone numbers in logbooks, giving IDs to delivery riders, or forwarding M-Pesa messages for proof of payment.
Safaricom admits that technology alone won’t fix this.
That’s why they are pushing for continuous public education to help users understand how to protect themselves.
