If you are an active Safaricom user, you have probably been annoyed to a point of acceptance, by the unsolicited and uninvited promotion messages from unknown businesses and services. This is usually a result of merchants sharing customer personal information with third-party services, which is data they have access to after every transaction.
According to an executive at the company, Safaricom is now working on a feature that will block a customer’s contact details when they make a payment to a merchant through their Lipa na Mpesa platform.
Lipa na M-PESA is a cashless payment service by Safaricom that allows customers to make payments for goods and services securely and conveniently. As of this moment, details including official names and phone numbers are fully availed to the merchant per every transaction. This has been noted to be a source of personal information trading to either fraudsters or advertisers, compromising user private data.
It is therefore not surprising that a recent survey revealed that 20% of Kenyan companies have been sharing personal data of their customers with third parties, and without consent. Some of the firms have also been found to share this data with law enforcement officials for investigation purposes. Personal data sharing in this manner is in breach of the data protection law of 2019 that seeks to protect individual privacy. Individuals in breach risk a maximum fine of Sh3 million or 10 years in jail, while firms risk a fine of up to Sh5 million or one percent of annual turnover.
Safaricom is now reported to be leading off by blocking parts of a customer’s contact details, just like the model banks use when sending account numbers. Once a transaction is complete, the telco will omit the middle digits in a phone number and only display the first and the last few digits. This will have effectively sealed them off from accessing the full phone numbers that are consequently used for unwanted advertisements.