About us

Our solutions

Individuals
Businesses
Builders
Agents
Contact us

Register

Register as a business
Register as a customer

Customer Terms & Conditions

Introduction

Welcome to Kashia Services Limited ("Cashia," "we," "us," or "our"), a trusted payment service provider licensed by the Central Bank of Kenya (CBK) under the National Payment System Act, 2011. Our mobile app ("App") offers secure and convenient payment solutions to make your financial transactions easy and reliable.

Our Stika QR code feature, a trademark registered with the Kenya Industrial Property Institute (KIPI), lets you activate a digital wallet, create a personalized Stika name, and make payments or transfers using M-Pesa, Visa, or Mastercard. Stika complies with the Kenya Quick Response (KE-QR) Code Standard 2023, ensuring safe and seamless transactions.

We prioritize your security and privacy, adhering to the Data Protection Act, 2019, and CBK regulations. Our services include mobile money transfers, all designed to support Kenya’s vision for digital payments. These Terms and Conditions ("Terms") govern your use of the App and services. By using them, you agree to these Terms. If you don’t agree, please do not use the App or services. Join us in making payments simple and secure!

1. Definitions

AML/CFT — Anti-Money Laundering and Combating the Financing of Terrorism, regulations enforced by the CBK to prevent illegal financial activities.

App — The Cashia Services Limited mobile application used to access payment services.

CBK — Central Bank of Kenya, the regulatory authority overseeing Cashia’s operations under the National Payment System Act, 2011.

CRC — Cyclic Redundancy Check, a checksum mechanism used in Stika QR codes to ensure data integrity during scanning, as per the KE-QR Code Standard 2023.

Customer — An individual who registers and uses the Services through the App, also referred to as the payer in QR code transactions.

DFSP — Digital Financial Service Provider, a regulated entity (e.g., bank, mobile money operator, or PSP like Cashia) that holds customer funds and facilitates transactions.

IPRS — Integrated Population Registration System, a Kenyan government system used by Cashia for identity verification during wallet activation.

KEPSS — Kenya Electronic Payment and Settlement System, a CBK-operated system for processing real-time interbank transactions, used for Cashia bank transfers.

KE-QR Code Standard — The Kenya Quick Response Code Standard 2023, issued by the CBK, which defines the technical and operational requirements for QR code payments in Kenya, based on EMVCo specifications.

OCR — Optical Character Recognition, a technology used by Cashia to extract and process data from documents or images submitted through the App for identity verification or transaction processing.

ODPC — Office of the Data Protection Commissioner, the regulatory authority overseeing data protection in Kenya under the Data Protection Act, 2019.

PCI DSS — Payment Card Industry Data Security Standard, a set of security standards Cashia adheres to for processing Visa and Mastercard transactions.

PSP — Payment Service Provider, a licensed entity like Cashia that facilitates electronic payment methods, including digital wallets and QR code payments.

Services — Payment services offered by Cashia, including mobile money transfers and the Stika QR code feature.

Static QR Code — A QR code containing fixed customer data (e.g., Stika name) for multiple transactions, presented via electronic display (e.g., App screen), as per the KE-QR Code Standard (Section 10).

Stika — A QR code-based feature in the Cashia App, registered as a trademark with the Kenya Industrial Property Institute (KIPI) under the Trade Marks Act, Cap 506, Laws of Kenya, enabling wallet activation, personalized naming, and transactions such as wallet top-ups and money transfers using Static QR Codes, compliant with the KE-QR Code Standard 2023.

Transaction Amount — The value of a payment transaction in Kenya Shillings (KES), input by the customer for Static QR Codes, per the KE-QR Code Standard (Section 7).

Trust Account — A designated account held by Cashia with a commercial bank for safeguarding customer funds, as required by CBK regulations.

2. Eligibility

  • General Requirements: To use the Cashia App and Services, including the Stika QR code feature, you must meet the following criteria:

    • Be at least 18 years old and have the legal capacity to enter into binding agreements under Kenyan law.
    • Be a resident of Kenya or a legally authorized non-resident (e.g., holders of Alien Cards).
    • Provide a valid identification document (e.g., National ID, Alien Card, or Passport) and a registered mobile number.

  • Identity Verification: Cashia requires identity verification to comply with CBK’s AML/CFT regulations, the Data Protection Act, 2019, and the KE-QR Code Standard 2023 (Section 8). You must submit accurate and complete information during registration, which may be verified using Optical Character Recognition (OCR) technology (as described in Section 5) and the Integrated Population Registration System (IPRS). Cashia may request additional documentation to confirm your identity or eligibility at any time.

  • Restrictions: You are not eligible to use the App or Services if:

    • You are under 18 years old or lack legal capacity.
    • You are listed on any sanctions list maintained by the CBK, the United Nations, or other relevant authorities under AML/CFT regulations.
    • You provide false, incomplete, or misleading information during registration or verification.
    • Your use of the Services violates Kenyan laws, CBK regulations, or these Terms.

  • Ongoing Compliance: Cashia may periodically review your eligibility and request updated information to ensure compliance with AML/CFT regulations, the Data Protection Act, 2019, and the KE-QR Code Standard 2023. Failure to provide requested information may result in suspension or termination of your account, as outlined in Section 13. Where suspicious activity is detected, Cashia is authorized to immediately suspend your account and freeze associated funds in the Trust Account pending investigation and regulatory review, in accordance with AML/CFT obligations and CBK directives. You will be notified promptly and may submit clarifying information during the review process.

  • Account Approval and Refusal: Cashia reserves the right to approve, reject, or suspend your account based on eligibility verification, regulatory compliance, or suspected fraudulent activity. If your registration is rejected, you will be notified via the App or email, with reasons provided where applicable, in line with the Consumer Protection Act, 2012.You may appeal or request a review of a rejected onboarding decision by contacting customer support at [email/phone] within 14 days of notification. Cashia will review the case and respond within 7 business days, allowing you to submit additional information or rectify discrepancies. This appeal process supports good governance, fairness, and transparency under Consumer Protection principles.

  • Liability for Ineligibility: If you access the Services without meeting eligibility requirements, Cashia is not liable for any losses, and you may be required to indemnify Cashia for any resulting damages or regulatory penalties. Cashia reserves the right to immediately close the account, reverse or freeze any transactions, and report the incident to the Central Bank of Kenya (CBK) and the Financial Reporting Centre (FRC) — Kenya’s Financial Intelligence Unit (FIU) — in compliance with AML/CFT regulations and the National Payment System Act, 2011.

3. Services Provided

Kashia Services Limited offers digital payment services through the App, designed to facilitate secure, efficient, and interoperable financial transactions for individual users in Kenya, in compliance with the National Payment System Act, 2011, the KE-QR Code Standard 2023, NPS (E-Money) Regulations 2021, and other applicable regulations. The NPS (E-Money) Regulations 2021 govern wallet issuance, trust account management, and settlement obligations. All services are subject to availability, transaction limits, network connectivity, and CBK oversight.

  • Mobile Money Transfers:

    • Description: Send and receive funds within Kenya to other Cashia wallets or bank accounts via the Kenya Electronic Payment and Settlement System (KEPSS). Transfers are processed in real-time, subject to network availability and transaction limits approved by the CBK.
    • Features: Supports peer-to-peer transfers using Stika names or bank account details. Recipients receive transaction notifications via SMS or in-App messages, ensuring transparency per the KE-QR Code Standard (Section 4).
    • Interoperability: Integrated with major mobile money platforms like M-Pesa and banking systems via KEPSS, ensuring seamless cross-platform transfers as mandated by the KE-QR Code Standard (Section 5).
    • Security: Transactions are secured with PIN or biometric authentication and comply with AML/CFT regulations. Funds are held in a Trust Account with a licensed commercial bank for safety.
    • Cashia-to Mobile Money Transfers: You may transfer funds from your Cashia wallet to a registered M-Pesa account, subject to applicable fees as disclosed in the App. These transfers are processed in real-time, adhering to CBK regulations and the KE-QR Code Standard’s interoperability requirements (Section 5).

  • Stika QR Code Services:

    • Description: The Stika QR code feature, a KIPI-registered trademark, enables users to activate a digital wallet, create a personalized Stika name, and perform transactions such as wallet top-ups and money transfers using Static QR Codes. Stika complies with the KE-QR Code Standard 2023.
    • Functionalities: Includes wallet activation, top-ups using M-Pesa and transfers to Cashia wallets, MPESA or bank accounts.
    • Security: Employs PIN/biometric authentication, CRC checksums (Section 7), and PCI DSS-compliant gateways to ensure transaction integrity and fraud prevention (Section 8). All sensitive data in transit and at rest is protected using end-to-end encryption (E2EE), and payment credentials are replaced with secure tokens (data tokenization) to enhance user trust and prevent exposure of actual card or wallet details. You are responsible for safeguarding your Stika QR code and authentication credentials.
    • Consumer Support: Offers in-App guides and customer support for using Stika QR codes, ensuring a user-friendly experience (Section 4).

  • Bill Payments and Airtime Services:

  • Description: Cashia has introduced a convenient Bill Payment section within the App, allowing you to pay utility bills and purchase airtime/top-up services directly from your Cashia wallet. This feature enhances financial inclusion by providing quick, secure, and paperless access to essential services, in full compliance with the National Payment System Act, 2011, the NPS (E-Money) Regulations 2021, CBK guidelines, and applicable interoperability standards.

  • Supported Services:

  1. KPLC Prepaid Tokens — Purchase electricity tokens for Kenya Power and Lighting Company (KPLC) prepaid meters by entering your meter number and desired amount. Tokens are delivered instantly via SMS upon successful processing.
  2. Safaricom Airtime — Buy airtime/top-up for Safaricom mobile numbers (prepaid lines).
  3. Airtel Airtime — Purchase airtime/top-up for Airtel Kenya mobile numbers.
  4. Telkom Airtime — Buy airtime/top-up for Telkom Kenya mobile numbers.
  • Process: Select the Bill Payment section in the App, choose the desired service (e.g., KPLC Tokens or specific network airtime), enter the required details (such as meter number or mobile number), specify the amount in Kenya Shillings (KES), and authenticate the transaction using your PIN or biometric verification. Transactions are processed in real-time, subject to network availability, sufficient wallet balance, and applicable transaction limits.
  • Interoperability and Integration: These services are facilitated through secure integrations with the respective providers (KPLC, Safaricom, Airtel, and Telkom), leveraging CBK-approved payment rails and ensuring compliance with interoperability requirements where applicable.
  • Fees and Transparency: All applicable fees for bill payments and airtime purchases are clearly displayed in the App before you confirm the transaction. Cashia ensures no hidden charges, in line with the Consumer Protection Act, 2012. Fees are deducted directly from your Cashia wallet at the time of processing.
  • Security: All bill payment and airtime transactions require secure authentication (PIN or biometrics) and are protected by end-to-end encryption, fraud monitoring systems, and compliance with PCI DSS standards (where card payments are involved indirectly via wallet funding).
  • Consumer Support: In-App guides, tutorials, and customer support (via in-App chat or phone: 0709200900) are available to assist with using the Bill Payment section. Transaction receipts/notifications are sent via in-App messages and/or SMS for transparency and record-keeping.
  • Limitations and Availability: Services are subject to daily/monthly transaction limits approved by the CBK, third-party provider availability (e.g., KPLC or mobile network systems), and network connectivity. Cashia is not liable for delays, failures, or errors caused by third-party systems or incorrect details provided by you (e.g., wrong meter or phone number).
  • Accuracy of Information: You are responsible for entering correct and up-to-date details (meter number, mobile number, etc.). Cashia is not liable for losses arising from incorrect information or unauthorized transactions resulting from your failure to secure your account credentials.
  • General Provisions:
    • Transaction Limits: All services are subject to daily and monthly transaction limits set by Cashia and approved by the CBK.
    • Availability: Services depend on network connectivity, system uptime, and third-party provider availability (e.g., M-Pesa, banks). Cashia is not liable for disruptions beyond our control, as outlined in Section 15.
    • Fees and Transparency: Fees for all services, including Stika transactions, are disclosed in the App, ensuring compliance with the Consumer Protection Act, 2012, and KE-QR Code Standard (Section 7). No hidden charges apply.
    • Consumer Support: Cashia provides training, in-App tutorials, and customer support (via support@cashia.com or - 0709200900) to ensure a seamless user experience, as recommended by the KE-QR Code Standard (Section 8).
    • Regulatory Compliance: All services are operated under CBK oversight, with funds safeguarded in a Trust Account. Cashia complies with AML/CFT regulations, PCI DSS standards, and data protection requirements, ensuring secure and lawful transactions.
    • Interoperability: Services are designed to integrate with Kenya’s digital payment ecosystem, supporting multiple payment methods (M-Pesa, Visa, Mastercard, bank transfers) and adhering to the KE-QR Code Standard’s interoperability requirements (Section 5).

For detailed information on the Stika QR code feature, refer to Section 7. Cashia reserves the right to modify or suspend services in response to regulatory changes, technical issues, or business needs, with prior notice to users via the App, email, or website.

4. Account Registration and Security

  • Registration Process:

    • Account Creation: To access Cashia’s Services, including the Stika QR code feature, you must register for an account through the App by providing accurate and complete personal information, as specified in Section 2 (Eligibility). This includes a valid identification document (e.g., National ID, Alien Card, Passport) and a registered mobile number.
    • Identity Verification: Cashia verifies your identity using Optical Character Recognition (OCR) technology (as described in Section 5) and the Integrated Population Registration System (IPRS), in compliance with CBK’s AML/CFT regulations, the Data Protection Act, 2019, and the KE-QR Code Standard 2023 (Section 8).
    • Approval: Cashia reviews and approves registrations based on eligibility and verification outcomes. You will be notified of approval or rejection via the App or email. If rejected, reasons will be provided where applicable, in line with the Consumer Protection Act, 2012.
    • Account Activation: Upon approval, you must set up secure authentication credentials (e.g., PIN, biometric data) and, for Stika users, create a personalized Stika name (Section 7). Activation is complete once verification and setup are finalized, enabling access to all Services.

  • Security Measures:

    • Authentication: All transactions, including Stika QR code payments, require secure authentication via a PIN, biometric verification (e.g., fingerprint, facial recognition), or other approved methods, as mandated by the KE-QR Code Standard (Section 4.1). Two-factor authentication (2FA) is mandatory for all high-value, cross-platform, or cross-border transactions.
    • Encryption: Cashia employs industry-standard encryption protocols (e.g., AES-256) to protect your account data, transaction details, and Stika QR codes during transmission and storage, in compliance with PCI DSS and the Data Protection Act, 2019.
    • Fraud Monitoring: Cashia implements real-time fraud detection and monitoring systems to identify suspicious activities, such as unauthorized access or unusual transaction patterns, as required by AML/CFT regulations and KE-QR Code Standard (Section 8). Suspicious activities may trigger account suspension or additional verification.
    • Secure Storage: Customer funds are held in a Trust Account with a licensed commercial bank, and personal data is stored securely in compliance with ODPC guidelines. Stika QR codes include CRC checksums (Section 7) to ensure data integrity during scanning.
    • Session Management: App sessions are protected with automatic logout after inactivity and secure token-based authentication to prevent unauthorized access.

  • User Responsibilities:

    • Credential Confidentiality: You are responsible for maintaining the confidentiality of your account credentials, including your PIN, biometric data, and Stika QR code. Do not share these with anyone, including Cashia staff, as they will never request your credentials.
    • Device Security: Ensure your device (e.g., smartphone) is secure, with up-to-date antivirus software and a strong password or biometric lock to prevent unauthorized access to the App. Cashia requires device binding during registration; your account will be linked to a single registered mobile device to prevent login from unauthorized devices. Any attempt to access the App from an unrecognized device will require re-verification via SMS OTP or biometric confirmation.
    • Reporting Unauthorized Access: Immediately notify Cashia at support@cashia.com or - if you suspect unauthorized access, compromised credentials, or misuse of your Stika QR code. Prompt reporting enables Cashia to take protective measures, such as account suspension or transaction reversal, subject to verification.
    • Accurate Information: Provide and maintain accurate account information (e.g., mobile number, email, identification details). Update changes promptly via the App to ensure compliance with AML/CFT and IPRS requirements.
    • Compliance: Adhere to these Terms, CBK regulations, and Kenyan laws when using the App. Unauthorized use or sharing of account access may result in suspension or termination (Section 13).

  • Cashia’s Responsibilities:

    • Secure Infrastructure: Cashia maintains a secure App infrastructure, including PCI DSS-compliant payment gateways, encrypted data storage, and regular security audits to protect your account and transactions.
    • Data Protection: Personal data collected during registration (e.g., ID details, mobile number) is processed and stored in compliance with the Data Protection Act, 2019, with access limited to authorized personnel and third parties (e.g., IPRS, banks) as necessary (Section 6).
    • User Notifications: Cashia will notify you of security incidents, such as data breaches or unauthorized access attempts, within 72 hours, as required by the Data Protection Act, 2019, and take prompt action to mitigate risks.
    • Support: Cashia provides customer support for registration and security issues via support@cashia.com or in-App chat, with resolution timelines outlined in Section 14.
    • Fraud Prevention: Cashia implements measures to prevent unauthorized use of Stika QR codes (e.g., CRC checksums) and monitors transactions for compliance with KE-QR Code Standard (Section 8).
    • Account Dormancy and UFAA Compliance: In the event your account remains inactive for 12 consecutive months, Cashia will classify it as dormant and send prior written notice via the App, SMS, or email. If no activity resumes within 30 days of notice, Cashia reserves the right to restrict access and transfer any remaining balance (after deduction of applicable fees) to the Unclaimed Financial Assets Authority (UFAA) in accordance with the Unclaimed Financial Assets Act, 2011, CBK guidelines, and NPS (E-Money) Regulations 2021. You may reclaim such funds directly from UFAA upon proof of ownership.

  • Account Suspension or Deactivation:

    • Cashia may suspend or deactivate your account if:
      • You fail to complete identity verification or provide requested documents.
      • Suspicious activity or security breaches are detected (e.g., multiple failed login attempts, unauthorized Stika QR code use).
      • You violate these Terms, AML/CFT regulations, or the KE-QR Code Standard 2023.
      • Your account is inactive for an extended period (e.g., 12 months), subject to prior notice.
    • Suspension or deactivation processes are detailed in Section 13. You will be notified via the App or email, with instructions to resolve issues or appeal, in line with the Consumer Protection Act, 2012.
    • Upon deactivation, remaining funds in your Cashia wallet will be returned to you, subject to verification and applicable fees.

  • Consumer Support:

    • Assistance: For issues with registration, verification, or account security, contact Cashia at support@cashia.com or 0709200900. Support is available during business hours, with responses within 24–48 hours.
    • Training: Cashia provides in-App guides and tutorials on secure account setup, Stika QR code usage, and credential protection, aligning with KE-QR Code Standard’s consumer training recommendations (Section 8).

  • Liability:

    • Cashia is not liable for losses resulting from your failure to secure your account credentials, Stika QR code, or device, or from providing inaccurate registration information.
    • You may be required to indemnify Cashia for damages or penalties arising from unauthorized account use due to your negligence, as permitted by Kenyan law.

5. Use of Optical Character Recognition (OCR)

  • Purpose: Cashia may use OCR technology to extract and process information from documents or images you submit through the App, such as identification documents, for purposes including identity verification, account registration, or transaction processing.
  • Consent: By submitting documents or images through the App, you consent to Cashia using OCR to process such data in accordance with the Data Protection Act, 2019.
  • Accuracy: While Cashia employs reliable OCR technology, you are responsible for ensuring the accuracy and legibility of submitted documents. Cashia is not liable for errors resulting from illegible or incorrect documents.
  • Data Protection: Data extracted via OCR is processed and stored securely in compliance with the Data Protection Act, 2019. Refer to our Privacy Policy for details on data handling and retention.
  • Third-Party Providers: Cashia may engage third-party OCR service providers, who are bound by confidentiality and data protection agreements to safeguard your information.

6. Data Protection

  • Certified Data Controller: Kashia Services Limited is registered as a certified data controller with the Office of the Data Protection Commissioner (ODPC) in Kenya, in compliance with the Data Protection Act, 2019.
  • Data Collection and Use: We collect and process personal data, including but not limited to your name, contact details, identification documents, and transaction history, solely for the purpose of providing the Services, verifying your identity, complying with legal obligations, and improving user experience.
  • User Rights: Under the Data Protection Act, 2019, you have the right to access, correct, or request deletion of your personal data, subject to legal and regulatory requirements. You may also object to the processing of your data or request data portability by contacting us at support@cashia.com
  • Data Security: Cashia implements robust technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse, in line with ODPC guidelines.
  • Data Sharing: Your personal data may be shared with third parties (e.g., banks, regulatory authorities, or service providers) only as necessary to provide the Services, comply with legal obligations, or with your explicit consent. All third parties are bound by data protection agreements.
  • Data Retention: We retain your personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy or as required by law.
  • Data Breach: In the event of a data breach, Cashia will notify you and the ODPC within 72 hours, as required by the Data Protection Act, 2019, and take prompt action to mitigate any harm.
  • Privacy Policy: For detailed information on how we handle your personal data, please refer to our Privacy Policy, available on our website (www.cashia.com ).

7. Stika QR Code Feature

  • Overview: The Stika QR code feature, registered as a trademark with the Kenya Industrial Property Institute (KIPI) under the Trade Marks Act, Cap 506, Laws of Kenya, complies with the Kenya Quick Response (KE-QR) Code Standard 2023, based on the Stika enables wallet activation, creation of a personalized Stika name, and transactions such as wallet top-ups and money transfers to other Cashia wallets or bank accounts using Static QR Codes, ensuring interoperability, security, and consumer convenience.

  • Wallet Activation: To activate your Cashia wallet, you must upload a valid identification document (National ID, Alien Card, or Passport) through the App. Cashia uses OCR technology (as described in Section 5) to verify your identity in compliance with CBK’s AML/CFT regulations, the Data Protection Act, 2019, and the Integrated Population Registration System (IPRS) requirements.

  • Stika Name: Upon successful wallet activation, you may create a unique Stika name of your preference, subject to availability and Cashia’s naming guidelines, which prohibit offensive, misleading, or illegal names. The Stika name serves as a harmonized identifier for transactions, displayed on the recipient’s device for verification.

  • Static QR Code: Used for multiple transactions, Stika Static QR Codes contain fixed customer data (e.g., Stika name) and are presented via electronic display (e.g., App screen), adhering to KE-QR Code Standard’s layout specifications (Section 10). Recipients scan the Static QR Code and input the transaction amount.

  • Wallet Top-Ups: You may top up your Cashia wallet using:

    • Mobile Money: Link your Mobile Money account to your Cashia wallet and follow the prompts to transfer funds, subject to the Mobile Money companies’ transaction limits and fees as disclosed in the App. Mobile Money integration complies with KE-QR Code Standard’s interoperability requirements (Section 5).
    • Visa or Mastercard: Use a valid Visa or Mastercard (including virtual cards) to top up your wallet. Transactions are processed securely via PCI DSS-compliant payment gateways, with fees displayed before confirmation, adhering to KE-QR Code Standard’s security guidelines (Section 8).

  • Money Transfers:

    • Cashia-to-Cashia Transfers: You may send money to another Cashia wallet using the recipient’s Stika name or Static QR Code in real-time, subject to transaction limits set by Cashia and approved by the CBK. The recipient’s Stika name and transaction details are displayed for verification, per KE-QR Code Standard’s consumer experience guidelines (Section 4).

    • Cashia-to-Mobile Money Transfers: You may transfer funds from your Cashia wallet to a registered Mobile Money account using the recipient’s registered Mobile money mobile number or Static QR Code, subject to applicable fees as disclosed in the App. Transfers are processed in real-time, adhering to CBK regulations and the KE-QR Code Standard’s interoperability requirements (Section 5).

    • Bank Transfers: You may transfer funds from your Cashia wallet to a preferred bank account in Kenya via the Kenya Electronic Payment and Settlement System (KEPSS) or other approved systems, subject to applicable fees and processing times, in compliance with CBK regulations.

    Money Request Feature:

  • Description: You may send a money request to another Cashia wallet user to top up your wallet, using their Stika name. The recipient receives a notification via the App and can approve or decline the request, subject to their available funds and transaction limits.

  • Process: Initiate a money request through the App by entering the recipient’s Stika name specifying the requested amount in Kenya Shillings (KES). Approved requests result in real-time transfers to your Cashia wallet, subject to applicable fees as disclosed in the App.

  • Security: Money requests require authentication via PIN to prevent unauthorized access, and transactions are processed securely in compliance with PCI DSS standards and the KE-QR Code Standard (Section 8).

  • Consumer Experience: Notifications for money requests and their approval or rejection are sent via in-App messages, ensuring transparency per KE-QR Code Standard (Section 4).

  • Security:

    • All Stika transactions require authentication via PIN or biometric verification to prevent unauthorized access, as mandated by the KE-QR Code Standard (Section 4).
    • Stika QR codes include a Cyclic Redundancy Check (CRC) checksum (Section 7) to ensure data integrity during scanning.
    • Cashia implements PCI DSS security standards and fraud prevention measures (Section 8) to protect against unauthorized use or copying of Stika QR codes.
    • You are responsible for safeguarding your Stika QR code and authentication credentials.

  • Data Protection: For Stika transactions requiring additional consumer data (e.g., mobile number for specific use cases), Cashia adheres to data minimization principles and obtains your consent, as required by the Data Protection Act, 2019, and KE-QR Code Standard (Section 7). Data such as transaction amount, currency (KES), and Stika name are included in QR codes per KE-QR Code Standard data objects (Sections7).

  • Fees and Limits: Fees for wallet top-ups and transfers, as well as transaction limits, are disclosed in the App and on our website (www.Cashia.co.ke). Cashia ensures transparency in compliance with the Consumer Protection Act, 2012, and KE-QR Code Standard’s fee disclosure requirements (Section 7).

  • Consumer Experience: Cashia provides consumer training and clear instructions on using Stika QR codes, as recommended by KE-QR Code Standard (Section 8), to enhance trust and usability. Notifications of successful transactions are sent via SMS, in-App messages, or other methods, per Section 4.

  • Display Standards: Stika QR codes adhere to KE-QR Code Standard’s layout specifications (Section 10), with a minimum QR image size of 11% of the display area for clear scanning. Acceptance logos (e.g., M-Pesa, Visa, Mastercard) are displayed alongside QR codes to indicate supported payment methods.

  • Liability: Cashia is not liable for losses resulting from incorrect recipient details, unauthorized access due to your failure to secure your Stika QR code or credentials, or network failures beyond our control, as outlined in the KE-QR Code Standard (Section 8).

  • Trademark Protection: The Stika name and QR code design are protected as registered trademarks under the Trade Marks Act, Cap 506. Unauthorized use or reproduction of the Stika trademark is prohibited and may result in legal action by Cashia.

8. Fees and Charges

  • Payment: Applicable fees will be deducted from your account at the time of the transaction.

  • No Hidden Charges: Cashia ensures that all charges are fair, clear, and transparent, as required by the Consumer Protection Act, 2012.

9. Transaction Limits and Processing

  • Limits: Transactions, including Stika wallet top-ups and transfers, are subject to daily and monthly limits as set by Cashia and approved by the CBK.
  • Processing: Transactions are processed in real-time via the Kenya Electronic Payment and Settlement System (KEPSS) or other approved systems, subject to network availability.
  • Refunds: Refunds for erroneous transactions will be processed in accordance with our consumer redress policy, available on our website.

10. Customer Responsibilities

  • Ensure sufficient funds are available in your account to cover transactions and fees.
  • Provide accurate recipient details for money transfers, including Stika names or bank account details.
  • Comply with all applicable laws, including AML/CFT regulations.
  • Keep your personal details, PIN, Stika QR code, and other credentials secure to prevent unauthorized use.
  • Refrain from unauthorized use or reproduction of the Stika trademark.

11. Cashia’s Responsibilities

  • Regulatory Compliance: Cashia operates under the oversight of the CBK and adheres to the National Payment System Act, 2011, and related regulations, including the KE-QR Code Standard 2023.
  • Transparency: We will provide clear information about Services, fees, risks, and terms through the App, website, and other communication channels.
  • Consumer Redress: Cashia has a consumer redress mechanism to address complaints. Contact us at support@cashia.com or 0709200900 for assistance.
  • Data Protection: We implement safeguards to protect your personal data in compliance with the Data Protection Act, 2019.

12. Prohibited Activities

You agree not to use the App or Services, including the Stika feature, for:

  • Illegal activities, including money laundering or financing terrorism.
  • Fraudulent transactions or misrepresentation.
  • Unauthorized access to another user’s account or Stika QR code.
  • Unauthorized use or reproduction of the Stika trademark in violation of the Trade Marks Act, Cap 506.
  • Any activity that violates Kenyan laws or CBK regulations, including the KE-QR Code Standard 2023.

Cashia reserves the right to suspend or terminate your account for engaging in prohibited activities.

13. Termination and Suspension

  • By You: You may terminate your account by contacting customer support and following the account closure process.

  • By Cashia: We may suspend or terminate your account for reasons including but not limited to:

    • Violation of these Terms.
    • Suspected fraudulent or illegal activity.
    • Failure to comply with CBK regulations, AML/CFT requirements, or the KE-QR Code Standard 2023.
    • Unauthorized use of the Stika trademark.

  • Upon termination, any pending transactions, including Stika transfers, will be completed or reversed, and remaining funds will be returned to you, subject to applicable fees and verification.

14. Consumer Redress and Complaints

  • Complaints: If you have a complaint, including issues related to the Stika feature, contact us at support@cashia.com or 0709200900. We aim to resolve complaints within 7 business days.

15. Limitation of Liability

  • Cashia is not liable for losses arising from:
    • Unauthorized transactions due to your failure to secure your account, including your Stika QR code or credentials.
    • Network or system failures beyond our control.
    • Inaccurate information provided by you, including documents processed via OCR or incorrect recipient details for Stika transfers.
  • Our liability is limited to the extent permitted by Kenyan law.

16. Amendments to Terms

  • Cashia may update these Terms to reflect changes in Services, regulations, or business practices.
  • We will notify you of changes via the App, email, or our website at least 30 days in advance.
  • Continued use of the App or Services after changes constitutes acceptance of the updated Terms.

17. Governing Law

These Terms are governed by the laws of Kenya. Any disputes arising from these Terms will be subject to the exclusive jurisdiction of Kenyan courts.

18. Contact Information

For questions, support, or complaints, contact Kashia Services Limited:

  • Email: support@cashia.com
  • Phone: 0709200900
  • Address: Westlands Road, Imperial Court 2nd & 3rd Floor, P.O. Box 2883 - 00606, Nairobi, Kenya
  • Website: www.cashia.com

Regulated by the Central Bank of Kenya

By using the Cashia App, you acknowledge that you have read, understood, and agree to be bound by these Terms and Conditions.

Thank you for choosing Kashia Services Limited.