As millions of Kenyans benefit from the innovative below-the-line asset financing, Buy Now, Pay Later, the model is under fraud threats, mostly targeting smartphones.
Various sector players have reported losses running into tens of millions to phone flashing, an illegal modifications to the software of financed devices, allowing users to bypass security systems designed to lock phones in case of a payment default.
They are now worried that the trend is likely to hurt progress made in offering millions of low-income earners a lifeline to the digital economy.
According to the Communications Authority of Kenya, the Buy Now, Pay Later (BNPL) model is at the heart of this transformation, which has boosted smartphone penetration to 68.3 per cent.
The Star spoke to leading players in the leading players in the Buy Now, Pay Later asset financing model who said that the practice is rampant in towns like Kitale, Eldoret, Kisii, and Nairobi, causing them significant financial losses and eroding consumer trust in mobile financing models.
“This isn’t a small-scale issue; it’s a coordinated operation,” says Ken Gitonga, head of Technical Products at Watu Credit. According to him, the industry lost tens of thousands of devices in two months between July and September last year, almost Sh100 million in value.
“Entry-level smartphones, prized for their affordability and demand in markets like Uganda and Ethiopia, are particularly vulnerable.”
Companies like Watu Simu and M-KOPA have borne the brunt of the epidemic. For instance, highly sought-after models such as the Samsung A04 and A14 series have been withdrawn from sale due to their susceptibility to hacking.
The impact is stark: Watu’s monthly smartphone sales plummeted from 50,000 units to just 30,000 month-on-month, underscoring the severity of the threat.
The proliferation of online resources teaching users how to bypass security measures compounds the problem.
A quick search reveals videos and guides instructing users on removing M-KOPA tracking systems from financed phones.
On TikTok, users like “Mkopa Guru” openly invite others to contact them for assistance in unlocking devices, showcasing the audacity and accessibility of these schemes.
The consequences extend beyond corporate losses. Retailers who depend on financed devices for income have seen revenues nosedive, with some forced to cut jobs.
“This crisis affects the entire ecosystem,” notes Nick Onunga, CEO of Ethany Mobiphones. “From distributors to end users, everyone feels the ripple effects.”
BYPASSING SECURITY SYSTEMS
Flashers often use advanced tools to bypass security systems and frequently collude with customers who default on payments.
Law enforcement acknowledges the challenge but emphasizes the legal ramifications. “Tampering with financed devices is a criminal offense under the Computer Misuse and Cybercrimes Act,” says a law enforcement officer familiar with the issue.
However, limited enforcement capacity means many perpetrators operate with impunity. In response, mobile financiers are ramping up counter measures.
Firms like Watu Simu have partnered with manufacturers such as Samsung to integrate advanced security technologies like Knox Guard PAYG.
This software has been pivotal in thwarting many hacking attempts. Additionally, companies are tightening their Know Your Customer (KYC) processes and reducing authorized dealerships to minimize exposure to bad actors.
While effective, these measures have come at a cost, with legitimate dealers experiencing reduced business opportunities.
Another strategy involves focusing on financing less expensive models, typically priced below Sh16,000, which are less appealing to hackers. Although this shift may limit revenue growth, it’s a necessary trade-off to stabilize the industry.
“The rise of phone flashing also reflects broader economic and social issues. Many consumers acquire smartphones through BNPL programs without the financial stability to meet repayment plans. This creates fertile ground for unethical practices like flashing. “It’s not just a technical problem; it’s also behavioral,” says Onunga.
“Customers need to understand that defaulting on payments and enabling flashing ultimately damages the system for everyone.”
Industry leaders are calling for stronger legal deterrents.
“There must be serious consequences for those involved,” argues Gitonga. “We’re collaborating with authorities to ensure offenders are held accountable.”
Despite challenges, the industry is banking on enhanced security measures, robust customer education, and stakeholder collaboration to fortify Kenya’s mobile financing ecosystem.
Companies like Watu Simu and M-KOPA are trying to balance innovation with vigilance. In a country where youths are now actively engaged in hacking as a business, the battle against phone flashing is far from over.
The industry is also evolving, and the tactics of those seeking to exploit it will change. Success will hinge on technological innovation, legal enforcement, and a collective commitment to sustaining the promise of digital inclusion for all.
The industry cry for help is coming at a time when cybercrime activities are rising in the country, with the latest report by PwC showing that 92 per cent of top firms in East Africa have placed cyber security at the top of their agenda, outweighing the global average of 78 per cent.
Two weeks ago, a report by the International Criminal Police Organisation (INTERPOL) revealed how Kenyan hackers reportedly made away with Sh1.1 billion in a massive cybercrime operation this year. At least 24 individuals have been arrested.
