kwabe vic 
- Safaricom Bets on Privacy as M-PESA Data Minimization Signals Shift in Digital Payments;
Kenya’s leading telecom, Safaricom, is doubling down on data privacy as a competitive and trust-building strategy with the rollout of data minimization across M-PESA person-to-person (P2P) transactions.
The feature, set to go live on March 24, 2026, will see customer phone numbers partially masked and names reduced in transaction notifications, marking a significant evolution in how Africa’s largest mobile money platform handles personal data.
For Safaricom, the move reflects more than a technical upgrade, it signals a broader strategic pivot toward privacy-led growth in an increasingly digital economy.
“Trust is the currency that we really want to continue to value as a business,” said Safaricom CEO Peter Ndegwa.
“We are going to extend data minimization now to one of the biggest components of the transactions we do, which is the P2P,” he added, emphasizing the centrality of the segment to M-PESA’s ecosystem.
With the platform processing up to 150 million transactions daily, maintaining user confidence has become critical to sustaining scale and market leadership.
M-PESA’s dominance, handling tens of millions of daily P2P transactions, has also exposed users to rising risks, including fraud, spam, and social engineering.
By masking phone numbers and limiting visible personal identifiers, Safaricom is effectively reducing the data surface available to bad actors.
Sharon Holly noted that the initiative responds directly to customer concerns.
“We have received in the past complaints from customers transacting on M-PESA and we wanted to find ways in which we can protect our customers,” she said.
Under the new system, users will only see a sender’s first and last name, alongside a partially hidden phone number, ensuring identification without overexposure.
“This is a step in a long journey that began in 2020,” Holly added, pointing to earlier interventions across products, internal systems, and merchant integrations.
Strengthening the Value Proposition
As digital payments expand across Africa, differentiation is shifting beyond convenience and accessibility toward security and data protection.
Esther Waititu emphasized that the decision is proactive rather than regulatory-driven.
“This move has not been done because of compliance, but… to ensure that we are valuing you as our customer and that we’re taking feedback from you,” she said.
The rollout aligns with global data protection principles that emphasize minimizing the collection and exposure of personal information.
While reducing visible data, Safaricom is maintaining transaction transparency and introducing a consent-based verification mechanism.
Through SMS code 334, users can request full sender details, with the sender retaining control over whether to share the information.
This approach reflects a growing industry trend: shifting from open data sharing to user-controlled data access.
Safaricom’s scale means its policy shifts often ripple across the broader fintech and telecom ecosystem.
“Data protection is bigger than one organization,” Ndegwa said, calling for collaboration among regulators, service providers, and industry players to build a secure digital environment.
As Kenya continues to lead globally in mobile money adoption, the rollout could set a precedent for how digital financial services balance growth, security, and user trust.
With M-PESA at the heart of Kenya’s digital economy, Safaricom’s data minimization push reflects a deeper reality: in the next phase of fintech growth, trust, and how well companies protect user data, may prove as valuable as the transactions themselves.
