The Lock That Finally Slipped: How Safaricom's My OneApp Update Opens M-Pesa's Front Door to the Diaspora Again

Around midnight on a damp Thursday in Sheffield, a Kenyan postgraduate student opens the green My OneApp icon on her phone, thumb hovering over the Send Money button. She has a sister in Eldoret waiting for the equivalent of forty pounds toward a school trip. The screen blinks white, then drops her back to the login page. Her SIM is on EE, the British network. The next screen tells her that to reactivate, she will need Safaricom mobile data, a Safaricom SIM in the phone, no Wi-Fi, and no VPN. She does not have any of those things. She has, instead, a thirteen-hour time difference between her bedroom and her sister's school bursar.

For nearly two months, this small frustration has been the lived reality for a quietly enormous slice of Kenya's diaspora population. Safaricom merged its M-PESA app and MySafaricom app into a single platform called My OneApp in April, and almost from the first day the new system began throwing diaspora customers out of their own accounts whenever the phone touched a non-Safaricom signal. This week, the telecommunications operator pushed an update that begins to undo the damage.

A One-Way Door in April

When My OneApp arrived in early April, Safaricom framed it as a long-overdue consolidation. Two apps that millions of Kenyans had used daily for years, one for payments and one for airtime and customer care, would now sit under one roof. The pitch was sensible. The execution, as the technology publication TechCabal reported within days of launch, was not.

Users on Google Play left reviews about one-time-password failures and frozen transfers. Safaricom itself eventually acknowledged that customers were having trouble logging in, and that the experience was particularly painful for those moving between networks. The reason was buried in the security model. The app would sign a user out whenever it lost the Safaricom connection it had been launched on, and the only path back in was the company's own mobile data, ordered through a physical Safaricom SIM in the same device.

For a customer in Nairobi this was annoying but recoverable. For a customer in Doha, Dallas, or Düsseldorf it was a wall. Reactivation could not be done over hotel Wi-Fi. It could not be done over Airtel. It could not be done over a roaming SIM. The only options were to buy a Safaricom international roaming bundle, which is rarely cheap, or to fly home. The result, in practice, was that thousands of Kenyans who relied on M-PESA to pay rent in Kilimani, send chama contributions, or top up parents' airtime found themselves looking at a green logo that no longer recognised them.

The Workarounds That Were Not Workarounds

In the weeks after launch, diaspora WhatsApp groups filled with attempted fixes. People asked relatives back home to log in on a second device. They asked Safaricom shops in Nairobi to call the company's care line on their behalf. Some Android users found that they could uninstall My OneApp, disable automatic updates so Google Play would not push it back, and revert to the old standalone M-PESA app, which still worked. iPhone users, who could not roll back the update through the App Store, had no such escape hatch.

Safaricom's stated reason for the strict reactivation rules was fraud prevention, and specifically a defence against SIM-swap attacks, in which a criminal convinces a telecom to issue a duplicate SIM card and then drains the victim's mobile wallet. That is a real and increasingly common risk, and tying reactivation to a physical SIM-in-device check makes that attack harder. The trade-off, however, was that a significant population of completely legitimate customers, including Kenyans on student visas, on nursing contracts in the United Kingdom, on construction sites in Qatar, and on hospitality rosters in the Gulf, were effectively locked out for being where they were.

What Changed This Week

The update rolled out by Safaricom this week, first reported by TechCabal on May 23 and confirmed in independent testing by Techweez on May 25, removes the harshest part of that lock. According to both reports, My OneApp can now stay logged in when a user switches from Safaricom to Airtel Kenya or to a foreign network. Movements between Wi-Fi, roaming, and local mobile networks no longer trigger the forced logout that had defined the early weeks of the app.

In practice this means that a Kenyan in London who has already activated the app on a recent visit home can now keep using it on a British SIM without being kicked out every few minutes. The same applies to nurses on permanent contracts in Manchester, software engineers in Toronto, and care workers in Riyadh, provided they had a window to set up the app on Safaricom data at any earlier point. Safaricom told TechCabal in April that it intends to retire the older standalone apps within six months of My OneApp's launch, so the company has had every incentive to fix this before that deadline tightens.

What Did Not Change Yet

The update is not a full reopening. Initial activation, the moment of first sign-in for a customer who has never used My OneApp before, still requires Safaricom mobile data on a physical Safaricom SIM. Wi-Fi attempts and rival-network attempts at first activation remain blocked, according to the same testing. For a Kenyan who has only just landed in Birmingham or only just signed onto an offshore rig and never opened the new app at all, the practical answer remains the same as before: ask a relative to set it up on a phone in Nairobi, or wait for the next trip home, or buy the roaming bundle. The fix this week is a fix for users who were once inside the app and got pushed out. It is not yet a fix for those who never made it in.

There are also the lingering quality complaints that the new app inherited from the merger. Reviewers continue to flag confusing balance displays, slow loading, and the occasional dropped transfer. The cross-network update addresses the most disruptive single issue, but it does not on its own restore the quiet, near-invisible reliability the old M-PESA app had become over the past decade.

Why This Matters Beyond Convenience

It would be easy to file this story under product news and move on. The reason it lands harder than that, especially for readers in the diaspora, is what M-PESA actually represents abroad. For many Kenyan households, the mobile wallet is the rail along which a parent's hospital bill, a sibling's school fees, or a chama group's monthly subscription travels in real time. World Bank data has consistently shown Kenya among the most active mobile-money markets on earth, and a sizeable share of those flows originate from senders living overseas.

When the rail breaks, even briefly, the consequences are not abstract. A delayed bursar payment in Eldoret can mean a child misses a trip. A blocked transfer in Kisumu can mean a rent default. A diaspora worker in Riyadh who cannot log in to send Eid contributions to relatives feels a very specific kind of helplessness. The student in Sheffield, after the update finally pushed to her phone late on Saturday night her time, opened the app, signed in on her British connection, and sent the forty pounds. The transfer cleared in under a minute. The door, for now, is open again.