M-PESA Rolls Out Data Minimization Feature to Boost Customer Privacy in P2P Transactions

Kenya’s leading mobile money platform, Safaricom, is ushering in a new era of digital privacy with the rollout of a data minimization feature on M-PESA Send Money (P2P) transactions, set to go live on March 24, 2026.

The update marks a significant shift in how customer information is shared during transactions, with Safaricom moving to limit the exposure of personally identifiable data while maintaining transparency and trust across its ecosystem.

Under the new system, users will no longer see full phone numbers in transaction notifications. Instead, mobile numbers will be partially masked—for example, appearing as 0722***000—while only two names of the sender will be displayed instead of the full three. Crucially, transaction details such as amount, date, and transaction code will remain unchanged to ensure accountability.

This move comes as digital transactions continue to surge, with M-PESA handling over 37 million daily peer-to-peer transactions out of a total 137.9 million, valued at KSh27 billion daily. As usage grows, so too does the need to safeguard user data from misuse, fraud, and unsolicited contact.

Safaricom says the feature is designed to strike a balance between privacy and usability. Customers who need more information can still access it through a newly introduced verification process. By forwarding a transaction message to code 334, recipients can request the sender to share their full details. The sender retains full control, with the option to approve or decline the request within 24 hours.

The company notes that the initiative is part of a broader, multi-year journey toward embedding privacy into the M-PESA experience. Data minimization has already been implemented across several touchpoints, including M-PESA statements, internal staff access, and Buy Goods and Paybill integrations.

Beyond privacy, the benefits are expected to ripple across the digital payments landscape. By masking phone numbers, the feature reduces the risk of spam calls, marketing messages, and post-transaction harassment. It also limits the ability of fraudsters to harvest personal data for social engineering attacks—a growing concern in Kenya’s mobile money space.

More importantly, the move aligns M-PESA with global data protection principles that emphasize sharing only the minimum necessary information. This is expected to further strengthen customer confidence in the platform, which remains a backbone of Kenya’s digital economy.

As Safaricom continues to evolve M-PESA, the message is clear: in the future of digital finance, less data shared could mean more security, more trust, and ultimately, a better customer experience.

Read Also: Safaricom, Sprite Team Up to Empower Young Creators Through Hook’d on Fresh Series