The Wallet That Wouldn't Open: How Safaricom's Quiet Update Reconnects Kenya's Diaspora To M-Pesa

For roughly six weeks, the most ordinary task in a Kenyan diaspora life — opening an app to send school fees, top up a parent's clinic bill, pay a rent deposit back home — has been a small daily humiliation. The phone is in hand. The Safaricom SIM is tucked into a drawer somewhere in Nairobi. The new My OneApp opens. And then, somewhere between the splash screen and the wallet balance, the app demands a verification step that asks for the one thing the user simply does not have: a Safaricom mobile-data connection, here, now, on a foreign continent.

Across London, Toronto, Atlanta, Doha and Sydney, thousands of Kenyans abroad have spent April and May locked out of their own money, casualties of one of the most consequential and least understood product migrations Safaricom has ever attempted. This week, a quiet software update finally turned the lights back on.

What changed this week

Safaricom rolled out an update to My OneApp early this week that allows the app to remain logged in even when a phone is on a non-Safaricom network. TechCabal, which tested the change, reported that users on Airtel Kenya, on WiFi, and on foreign mobile networks no longer get automatically signed out the moment they lose a Safaricom data connection. Techweez, in a separate report published on Monday, confirmed the same behaviour and described it as fixing what was arguably the most disruptive problem the app had since launch.

The fix is technically narrow. It does not undo the merger that created My OneApp in the first place, and it does not lift every restriction the platform has carried since April. But it removes the single friction point that turned a routine app update into a months-long crisis for hundreds of thousands of customers who do not live anywhere near a Safaricom mast.

Why diaspora users felt abandoned

To understand why a login policy mattered this much, it helps to remember what M-Pesa actually is for the Kenyan abroad. It is not a side product. For a nurse in Birmingham sending school fees to a cousin in Kakamega, a truck driver in Riyadh wiring rent to a wife in Ngong, or a graduate student in Toronto covering a parent's clinic bill, the M-Pesa wallet is the financial lifeline that connects two countries. When the wallet is unreachable, the family back home waits.

When Safaricom collapsed the standalone M-PESA and MySafaricom apps into a unified My OneApp in early April, the migration looked routine on paper. In practice, diaspora users immediately began reporting that the new app logged them out at the worst possible moments, often during a transfer, and refused to let them back in unless they were physically connected to a Safaricom SIM and Safaricom mobile data, with no WiFi, no VPN, and no rival network in the way. Techweez described the policy bluntly: for someone sitting in London or New York with no Safaricom roaming bundle, that was a dead end until they either bought a roaming bundle or flew back.

The online noise was loud through April and May. HapaKenya, a Kenyan tech blog popular with the diaspora, ran a column in mid-April under the headline "Why Safaricom's My OneApp is leaving the diaspora behind." Threads on X filled with screenshots of activation errors. Some users resorted to buying expensive roaming bundles purely to log in once and complete a single transaction. Others gave up and asked siblings back home to make payments on their behalf, which works for groceries but not for the kind of confidential or time-sensitive transfers that diaspora life often demands.

Safaricom's reasoning: fraud, not friction

Safaricom's original justification for the strict activation rules was not bureaucratic. It was a fraud-prevention measure aimed squarely at SIM-swap attacks, in which criminals trick a telco into porting a victim's number onto a fresh SIM and then drain the M-Pesa balance. Forcing a Safaricom SIM and Safaricom mobile data into the activation flow was meant to make that kind of takeover harder, because an attacker who had stolen only a username and a PIN would still need physical possession of a SIM card and a live Safaricom data session to pass the check.

The intent was sensible. The execution treated the diaspora as collateral damage. A policy designed to deter thieves in Nairobi punished schoolteachers in Boston who had done nothing wrong except move countries. That trade-off has sat at the heart of the criticism, and Safaricom has so far stopped short of publicly conceding that the original design was wrong. Instead, the company has quietly relaxed it.

Still not fully fixed

Diaspora users should not assume the door is fully open. According to TechCabal's testing, initial activation of My OneApp still requires Safaricom mobile data and cannot currently be completed over WiFi or rival networks. In other words, if a Kenyan in Dubai has never set up My OneApp on their current phone, the new update does not yet help them; they must still find a way onto a Safaricom data session at least once. For the many users who set up the app while still in Kenya before they travelled, the change is meaningful. For those who upgraded phones abroad, or reinstalled the app after a wipe, the original wall is still standing.

There are other rough edges. Through April and early May, users on Google Play and on social media reported frozen transfers, balance-display bugs, OTP delivery failures, and general sluggishness on My OneApp. Safaricom publicly acknowledged some of those issues in April and committed to fixes. Whether the cross-network login update has stabilised the wider experience, or simply patched the most visible wound, will become clearer over the next several weeks as diaspora users return to the app in numbers.

A trust test for the super-app era

Safaricom is the most consequential consumer-tech company in East Africa, and M-Pesa is by some distance the most consequential financial product on the continent. Safaricom reported that KSh 41.7 trillion moved through the platform in its last financial year. When the same company tries to fold all of its consumer services into a single super-app, every misstep is felt by millions of households, including diaspora households whose ties to home run through this exact piece of software.

The lesson of the past six weeks is not that My OneApp was a bad idea. Consolidation makes sense; running two apps that compete with each other is the kind of legacy mess that big telcos accumulate. The lesson is about whose experience gets prioritised when an engineering team imagines its average user. If the user is a Nairobi commuter on a Safaricom SIM, the activation rules looked defensible. If the user is the nurse in Birmingham who funds her family, the rules were a disaster.

This week's update suggests Safaricom has, at least partly, internalised that distinction. The company has not made a song and dance about the change, which itself says something about how it now sees the previous design: as a bug to be patched rather than a policy to be defended. For Kenyans abroad who have been quietly furious for two months, the silent fix will do for now. The trust they extend the next time Safaricom redesigns their wallet will be considerably harder to earn.