Why M-Pesa has turned to a privacy nightmare

by Diaz
0 comment

With great power comes great responsibility. For Safaricom. They have great power and success, minus the responsibility. Let me explain.

Mpesa remains to be the golden poster girl of innovation in Kenya and a remarkable revolution on how mobile money can be done right. It has changed lives literally. It has improved how business is done and greatly increased efficiencies in almost all sectors from government services to private and our personal lives. This has given safaricom great power but almost zero responsibility in how they protect our data.

Without being polite, they almost dont and the flaw is inbuilt right into their system.

Let us start with their app which is technically true-caller. We can use it to find the accurate information of any safaricom subscriber as long as they are registered with Mpesa. When sending money to a user, safaricom shows you their contact and you have a few seconds to cancel the transaction. This makes it easy to identify someone’s name just using their phone number. You can do this 3 times in a day but if you switch to their android or ios app, it is unlimited by simply killing the app from recent applications.

When you use an ATM card to make a purchase in a supermarket, they dont have any way to identify who you are beyond your name. Even in the past, before atm cards had a secure chip, the most the attendants could do is to look at the name on the atm and look at your ID card to verify information and that was it. Pay, and move on. With Mpesa, making a payment to a supermarket means they have collected 1. Your phone number and 2. Your real names according to your national ID. This is information they get freely just from the sms Mpesa has sent them either using till number or a Paybill number. A few hours later, the supermarket can go on and send you a text message as a thank you for transacting with them. 2 days later, they will send you another sms informing you of new offers and before you know it, you are in an sms relationship receiving smses constantly about their different services.
That is one transaction from one company. The same thing happens if you use Lipa na Mpesa in night clubs, restaurants, hotels, etc. They will start sending you messages of their different offerings and eventually turn your phone sms into a marketing nightmare with companies sending you messages as early as 5 am or even as late as 1am.

The most common way companies collect data nowadays is through websites and mobile apps. They require you to create an account before transacting & you will have to agree to their legal requirements. This doesn’t apply in the case of walk-ins e.g in supermarkets or restaurants. There is no place you sign or get an agreement to receive any marketing messages or your personal information being collected & stored and this leaves you vulnerable.
Safaricom says you can use the shortcode to block the marketing messages but there are many times when this doesn’t work.

Lipa na mpesa as a service makes it easy for businesses and people to go cashless. It makes payments easy even though it is quite slow to use compared to just paying cash or using an ATM card but we can talk about this in a different topic looking at the M-pesa architecture and how it needs to change.

There have been cases of people buying the Mpesa agents books which have information of people that use Mpesa as high as kshs 5 per person especially when it is close to elections time. The agents are also able to sell this contact information to other companies like bulk sms companies and since we use Mpesa several times a week, it is impossible to trace who gave out your information.

There have been so many fraud cases where a person calls you and identifies you by name and even your government ID number and this people can easily be able to con you and even do sim swaps and replace your phone number. A phone number today is like an extension of a person and we have linked our phone numbers as primary point of authentication with banks, emails and several other online services that use sms as one time pins. This brings in the risk of someone being able to catfish you or hack you through social engineering, which can be seen on how effective those smes from “prison” are.

How can safaricom fix this?

Now this is a hard question to answer. Like I mentioned before, the problem is in the core system of M-Pesa and will require changing how it works.
Here are a 2 suggestions I could come up with.

One time pins
When you withdraw money from an ATM, the ATM doesn’t ask you for any personal information. Instead, you have a 1 time pin that you can use with at the ATM and withdraw cash.
The suggestion is simply turning the agents system into ATMs. Before withdrawing, i choose I want to withdraw at an agent instead of ATM. This will send me an sms with a 6 digits which I will give the agent. The agent will then be able to complete the process and select the amount I need to withdraw and finish the process without having to write anything or ask me for my ID. It already works when withdrawing from an ATM

Option 2.
Creating an alias.

What we are trying to solve is avoiding giving out personal information. This option can best work to replace the current procedure of sending money to businesses using till numbers and paybill numbers.
How will this work? I will go to till number and it will generate a random name or number which will be sent as information to the business plus transaction charge. If the business needs to verify the transaction, I will have the same text in my phone and can show the attendant to verify.

Hopefully this changes can become useful and reduce the constant marketing messages we receive from companies. I hope safaricom can adopt the changes or come up with better solutions to protect our personal data because we are drowning in spam messages and trying to be conned every next day.

Related Posts

Leave a Comment