Dear Partner,

 

The Data Protection Act came into effect on 25th November 2019 and applies to any person or organization in the country handling personal information such as name, phone number, ID number etc. The Act requires all organizations that handle customer data in the country to minimize the use and transfer of customer identifiable data during the processing of a transaction.

 

We embarked on the data minimization initiative as an organization not only as a matter of compliance but in response to customer demands around the privacy of their personal information. As part of the minimization initiative, Safaricom developed and implemented solutions to reduce the amount of data in the M-PESA statements, integrations done via C2B API and SMS shared within the M-PESA ecosystem, limiting the number of names to one or two as well as employing a hashing or masking technique to minimize the presentation of the mobile numbers.

 

The above-mentioned activity was concluded on November 30, 2023, as earlier advised. Please contact your respective account manager; m-pesabusiness@safaricom.co.ke; apisupport@safaricom.co.ke; FssSupportTeam@safaricom.co.ke if you experience any issues with the M-PESA system due to the hashed API solution. Kindly provide a comprehensive description of the issue, including the short codes that are impacted. The team will promptly address your request.