Data Protection Policy

Last updated: February 20, 2026

Our Commitment to Your Safety

At Kayi App, data safety is our top priority. We understand that you trust us with your most sensitive financial information, and we take that responsibility seriously. This page outlines the comprehensive measures we have in place to protect your data and ensure your financial security.

1. Encryption Standards

We employ bank-grade encryption to protect your data.

  • Data in Transit: all data transmitted between your device and our servers uses TLS 1.3 encryption.
  • Data at Rest: stored data is encrypted using AES-256 encryption.
  • End-to-End Encryption: sensitive communications are protected with end-to-end encryption.
  • Secure Keys: encryption keys are stored in dedicated hardware security modules (HSMs).

2. Authentication and Access Control

We implement multiple layers of security to verify your identity.

  • Multi-Factor Authentication (MFA) required for all account access.
  • Biometric authentication support including fingerprint and face recognition.
  • Device authorization for new devices before access is granted.
  • Session management with automatic logout after inactivity.
  • Strong password requirements with enforced complexity standards.

3. Infrastructure Security

Our technical infrastructure is designed with security at its core.

  • Secure data centers hosted in certified, highly secure facilities.
  • Redundancy through multiple backup systems to ensure availability.
  • DDoS protection to prevent and mitigate attacks.
  • Next-generation firewalls monitoring and filtering traffic.
  • Intrusion detection with real-time monitoring for suspicious activity.
  • Regular system updates and security patching.

4. Fraud Prevention

We actively protect you from fraudulent activities.

  • AI-powered transaction monitoring for unusual activity patterns.
  • Behavioral analysis to identify anomalies in usage patterns.
  • Real-time alerts for important account activity.
  • Configurable spending and transfer limits.
  • Geolocation verification to flag suspicious login locations.
  • A dedicated 24/7 fraud monitoring team.

5. Regulatory Compliance

We comply with relevant financial and data protection regulations, including CBN guidelines, NDPR requirements, AML regulations, KYC obligations, PCI DSS expectations, and international data protection standards.

6. Security Audits and Testing

We regularly test and validate our security measures.

  • Penetration testing by independent experts.
  • Automated and manual vulnerability scanning.
  • Annual third-party audits by certified security firms.
  • Security-focused code reviews before deployment.
  • Compliance audits to ensure regulatory alignment.

7. Employee Security Practices

Our team is trained to maintain high security standards.

  • Mandatory security awareness training for all employees.
  • Background checks for staff with data access.
  • Principle of least privilege for internal access.
  • Strict confidentiality agreements.
  • Regular security policy updates and training.

8. Data Backup and Recovery

We ensure your data is always safe and recoverable.

  • Continuous backups to multiple secure locations.
  • Encrypted backup storage.
  • Regular disaster recovery testing.
  • Business continuity planning for different scenarios.
  • Geographic redundancy to reduce regional risk.

9. Account Closure & Data Deletion

  • Customers may request account closure by emailing Kayi Customer Support or using in-app support.
  • Accounts are closed after identity verification and confirmation of zero balance and no pending dues.
  • Once closed, access to the Kayi app is blocked.
  • Customer data is retained only as required under CBN regulations and Kayi MFB AML/KYC obligations, and deleted where legally permitted.

10. Your Role in Data Safety

You can help keep your account secure by following practical security habits.

  • Use a strong, unique password.
  • Enable multi-factor authentication.
  • Never share your login credentials.
  • Be cautious of phishing attempts.
  • Keep your device and app updated.
  • Review account activity regularly.
  • Report suspicious activity immediately.
  • Use secure networks and avoid public Wi-Fi for banking.

11. Incident Response

In the unlikely event of a security incident, we maintain a comprehensive response plan.

  • Immediate incident detection and containment.
  • Rapid investigation and assessment.
  • Prompt notification to affected users.
  • Coordination with law enforcement where appropriate.
  • Post-incident analysis and security improvements.

12. Transparency and Communication

We believe in being transparent about our security practices.

  • Keep you informed about our security measures.
  • Notify you of significant changes to security practices.
  • Alert you to potential security threats.
  • Provide regular security tips and best practices.

13. Report a Security Concern

If you notice suspicious activity or have security concerns, please contact us immediately.

Email: help@kayi.africa | 24/7 Support: 0800-000-KAYI (0800-000-5294) | Office Address: 61, Maganda Road, Kano, Nigeria