A prominent political figure's call to address the exposure of personal phone numbers in millions of daily M-Pesa transactions has intensified the debate on data privacy, pressuring Kenya's largest telco to accelerate the adoption of safer payment technologies like QR codes.

NAIROBI, KENYA – Monday, 17 November 2025, 6:49 AM (EAT) – Philip Etale, the Director of Communications for the Orange Democratic Movement (ODM), has ignited a national conversation on mobile money security after highlighting a significant privacy flaw in Safaricom's M-Pesa payment system. In a widely circulated statement, Etale called on the telecommunications giant to transition from the widely used Till Number system to QR code-based payments to protect the personal data of millions of Kenyan users.
The core of the issue lies with the 'Lipa na M-Pesa' service, where a customer's full name and phone number are often visible to merchants upon completing a transaction. This exposure, Etale and other privacy advocates argue, creates a substantial risk for unsolicited marketing, scams, and potential harassment. "Your phone number is your digital identity," Etale noted, urging Safaricom to prioritize user privacy by adopting more secure technologies.
When a customer pays for goods or services using a Lipa na M-Pesa Till Number, the merchant receives a notification that typically includes the customer's registered name and mobile number. While this serves as a confirmation of payment, it also means that thousands of merchants, from large supermarkets to small kiosks, collect a database of their customers' private contact information. This practice has long raised concerns among cybersecurity experts and consumers. The data can be misused for sending spam messages or, in more malicious cases, sold to third parties for targeted advertising or fraudulent activities. Kenya ranks among the top countries globally for spam messages, a problem potentially exacerbated by the widespread availability of phone numbers from commercial transactions.
This issue directly intersects with Kenya's Data Protection Act, 2019, which mandates that data controllers, like Safaricom and its merchants, must process personal data lawfully and ensure it is collected for specific, legitimate purposes. The principle of 'data minimisation'—collecting only what is necessary—is a cornerstone of the Act. The Office of the Data Protection Commissioner (ODPC) has shown a willingness to enforce these regulations, issuing significant fines to companies for non-compliance, including the misuse of personal data.
The alternative proposed by Etale is the wider implementation of Quick Response (QR) code payments. Safaricom has had an M-Pesa QR code system in place for several years, allowing customers to scan a code with their smartphone to initiate a payment without manually entering a Till Number. The primary privacy advantage of this method is its ability to mask or tokenize the payer's personal information. Instead of sending a customer's phone number, the system can process the transaction using a unique identifier, shielding the user's contact details from the merchant.
Globally, QR code payments are a mature and widely adopted technology, particularly in the Asia-Pacific region. Countries like China and India have demonstrated the efficiency and scalability of QR-based systems like Alipay, WeChat Pay, and UPI, which now process billions of transactions. The global QR code payment market is projected to grow significantly, driven by high smartphone penetration and the demand for contactless, secure payment options.
Safaricom has previously acknowledged the privacy concerns surrounding Lipa na M-Pesa. In 2021, the company announced plans to introduce a feature that would mask customers' phone numbers during transactions, displaying only the first and last few digits, similar to how banks handle account numbers. However, the rollout of this feature remains incomplete and its adoption is not universal, so the fundamental issue of data exposure persists for many users. The company has consistently stated its commitment to adhering to data protection laws and has achieved ISO 27701 certification for its Privacy Information Management System. In its privacy statements, Safaricom notes that customer information may be available to third parties involved in the mobile money service, including merchants, but pledges to act in accordance with applicable laws.
The debate now centers on whether Safaricom should more aggressively push its existing QR code solution as the primary method for merchant payments. While the technology is available via the mySafaricom and M-PESA apps, its adoption by both merchants and consumers has been slower than the ubiquitous Till Number system. This may be due to habit, a lack of awareness, or the perception that the current system is 'good enough'.
As Kenya's digital economy continues to expand, the tension between seamless convenience and robust data protection will become more pronounced. The call from public figures like Etale amplifies the growing consumer demand for greater control over personal data, placing the onus on market leaders like Safaricom and regulators like the ODPC to pave the way for a more secure financial ecosystem.