Prime

Coordinates of control: How location data is powering Kenya’s e-commerce economy

Georeferencing carries governance and security implications because precise location data is sensitive, especially when linked to commercial operations and predictable activity patterns.

Photo credit: Shutterstock

By  Kabui Mwangi

Correspondent

Nation Media Group

The Kenya Revenue Authority (KRA)’s recent move to lock electronic tax invoices to specific geographic coordinates has pushed georeferencing into the mainstream, signalling that location data is increasingly becoming a tool of accountability in the digital economy.

The taxman has piloted the approach under eTIMS to curb fictitious invoicing by tying each invoice to a mapped point linked to a service location or seller address for easier validation.

KRA’s goal is to reduce invoice fraud by making it harder to manufacture transactions at scale, especially during periods when taxpayers rush to secure compliance invoices to support expense claims.

Related

Georeferencing broadly refers to attaching a reliable location tag to a digital record, allowing the record to be plotted on a map and compared against another activity to test consistency.

In more practical terms, it converts the “where” from a narrative description into a structured data point, turning location into an input that systems can search, group, and interrogate at scale.

Instead of relying on descriptive addresses or self-declared locations, the system captures latitude-and-longitude coordinates, allowing verification against registered premises, service sites, and expected trading patterns.

For KRA, its value lies in turning location into a data field, meaning investigators can run anomaly detection at scale, flag outliers, and build risk models without manually reviewing individual invoices.

The concept has wide relevance in today’s world as the modern economy already depends on location-linked digital logs, even when users do not explicitly think of them as georeferenced records.

Logistics firms, for example, rely on georeferencing to confirm pickup and delivery points, resolve disputes, optimise routes, and establish proof of delivery when parcels go missing.

The same applies to e-commerce platforms, which use location tagging to match buyers to sellers, allocate riders, estimate arrival windows, and determine whether an order moved through the correct fulfillment chain.

In the banking sector in Kenya, geofencing has been deployed as location intelligence to strengthen fraud controls by helping institutions detect anomalous behaviour, such as transactions that do not align with normal geographic patterns for an account.

Card systems and mobile banking platforms often treat location as a risk signal, since coordinated fraud tends to concentrate around hotspots that reveal organised activity rather than random individual behaviour.

Other sectors that have benefited from georeferencing include insurers who use it to strengthen claim verification, especially in motor insurance, where location records are utilised to support case assessments, while in land administration, georeferencing strengthens property valuation and spatial planning.

In 2023, Safaricom introduced a policy that locks tills to specific locations in a bid to combat fraud, in a concept known as geo-locking that allows M-Pesa agents to operate tills only within designated geographical locations.

This means that should an operator relocate, the till automatically shuts down, and customers cannot withdraw or deposit cash.

The policy shift saw the telco record its first-ever decline in the number of agents during the financial year ended March 2024, dropping to 262,016, down from 270,360 at the end of the prior fiscal year.

The mechanics of the KRA-style georeferencing vary by system design, with location captured either directly at the point of transaction or assigned from a verified reference location tied to a registered entity.

While one model captures coordinates from the device generating the record, meaning the system logs the location where the invoice was issued, a second model assigns coordinates from verified business premises or approved service points, improving consistency and reducing manipulation risk.

Other advanced implementations deploy layered verification, combining geolocation with time stamps, device identifiers, network characteristics, and behavioural patterns to reduce the feasibility of sustained manipulation.

Governance / risk implications

Georeferencing, however, carries governance and security implications because precise location data is sensitive, especially when linked to commercial operations and predictable activity patterns.

If location-tagged records are mishandled, leaked, or accessed improperly, they can expose business footprints, consumer routines, and high-value sites, creating operational and personal security risks.

For individuals, location-tagged activity can reveal routines, residences, workplaces, and predictable behaviour, which can enable harassment, stalking, or targeted theft if access is abused.

The precision question also raises fairness concerns, since GPS accuracy varies across devices and environments, meaning legitimate taxpayers in dense urban settings or low-signal areas can generate noisy location signals.

This creates the risk of false positives, where well-intentioned clustering in markets, malls, and shared commercial buildings triggers false suspicion from the authorities despite reflecting normal patterns of commerce.

[email protected]

PAYE Tax Calculator

Note: The results are not exact but very close to the actual.

Get it First!

Stay up to date on the editors' picks of the week.

Latest

  1. PRIME NCBA owners face higher dividend taxes in Nedbank deal

  2. PRIME Housing Finance posts the highest lending margins

  3. How to prevent acid reflex and heartburn

  4. PRIME Ketraco to build substations at Coastal region in Sh15bn project

In the headlines

View All