M-PESA Payment Gateway Kenya – PayBill, Till Number & STK Push

This guide explains how an M-PESA payment gateway in Kenya works, including PayBill, Till Number, STK Push, Daraja API, callbacks and online payment setup for websites, apps and businesses.

It is useful for business owners, developers, online shops, SaaS builders, schools, churches, NGOs, freelancers, billing platforms and anyone planning to accept M-PESA payments online.

Important Notice: This guide is for general information only. It is not official Safaricom, M-PESA, legal, banking, tax or technical advice. Always confirm requirements, approval, API access, charges, settlement rules and go-live steps from official Safaricom and M-PESA platforms.

What is an M-PESA Payment Gateway?

An M-PESA payment gateway is a setup that allows a website, mobile app, billing system or business platform to accept M-PESA payments digitally.

Instead of asking customers to manually enter a PayBill or Till Number every time, a business can use an online payment flow such as STK Push, where the customer receives a payment prompt on their phone and confirms using their M-PESA PIN.

Simple meaning: An M-PESA payment gateway connects your business system to M-PESA so you can receive payments, verify transactions, update orders and reconcile customer payments more easily.

M-PESA Payment Gateway Options in Kenya

Option	Best For	How It Works
PayBill	Schools, rent, utilities, subscriptions, billing accounts, invoices and organizations	Customer pays using a business number and account/reference number.
Till Number	Retail shops, restaurants, salons, small businesses and walk-in payments	Customer pays using Buy Goods and Services to the merchant Till Number.
STK Push	Websites, apps, ecommerce stores, SaaS platforms and automated payment flows	Customer enters phone number, receives M-PESA prompt, enters PIN, and the system receives a callback after payment.
C2B API	Businesses receiving customer-to-business payments	The system receives or validates customer payment details for reconciliation and order updates.
B2C API	Payouts, disbursements, refunds, commissions and mass payments	The business sends money from a business account to customers or recipients.

PayBill vs Till Number vs STK Push

Feature	PayBill	Till Number	STK Push
Customer experience	Customer enters business number and account number manually	Customer enters Till Number manually	Customer receives a phone prompt and confirms with PIN
Best use	Invoices, accounts, school fees, subscriptions	Retail and point-of-sale payments	Online checkout, app payments and automated billing
Automation level	Medium to high if integrated	Medium to high if integrated	High
Common developer need	Validate payment and match account/reference	Confirm payment and match order/customer	Initiate prompt, handle callback, update order status

Important: Do not confuse a normal PayBill or Till Number with a fully integrated payment gateway. A payment gateway needs a system that can initiate, receive, verify or reconcile payment events.

How M-PESA STK Push Works

1. The customer enters their Safaricom phone number on your website or app.
2. Your system sends a payment request through the M-PESA API setup.
3. The customer receives an M-PESA prompt on their phone.
4. The customer enters their M-PESA PIN to approve the payment.
5. M-PESA processes the transaction.
6. Your system receives a callback response.
7. Your website or app updates the order, invoice, subscription, wallet, voucher or service status.

Best practice: Always save the payment request, checkout reference, phone number, amount, status, callback payload and final receipt number where applicable. This helps with reconciliation, customer support and dispute tracing.

M-PESA Integration Readiness Checker

Use this simple checker to see whether your business is ready for M-PESA payment gateway integration.

Business Type Online shop / website / app School / institution / organization Retail shop / restaurant / service business SaaS / billing platform / subscription service Payouts / disbursements / commissions Do you already have a PayBill or Till Number? Yes No Not sure Do you already have a website, app or system? Yes No Basic website only Main Payment Need STK Push checkout Customer payments and reconciliation Payouts or disbursements Full payment automation

Select your options and click check readiness.

Basic M-PESA Payment Flow for a Website

Customer enters phone number and amount
↓
Website sends payment request
↓
M-PESA sends STK prompt to customer phone
↓
Customer enters M-PESA PIN
↓
M-PESA sends callback to website
↓
Website confirms paid / failed / pending
↓
Order, invoice, wallet, voucher or account is updated

What You Need Before M-PESA Integration

• A clear business use case such as ecommerce checkout, invoice payment, subscription, booking, school fees, wallet top-up or voucher purchase.
• A PayBill, Till Number or approved business payment setup where required.
• A website, mobile app, billing system or backend service.
• A secure server endpoint to receive M-PESA callbacks.
• A database table for payment records, transaction references, callback payloads and statuses.
• Clear customer support and reconciliation procedures.
• Official confirmation of API access, limits, terms and go-live requirements.

Common M-PESA Payment Gateway Use Cases

Business	Payment Use Case
Online shop	Customer pays through STK Push and order is marked paid automatically.
Wi-Fi hotspot / ISP	Customer pays through M-PESA and receives voucher or automatic access.
School	Parents pay fees using account numbers and the system reconciles student accounts.
SaaS platform	Customer pays monthly subscription and account is activated or renewed.
Marketplace	Platform receives payments and later pays vendors or service providers.
NGO / church	Members or donors contribute through PayBill, Till or online payment page.

Common M-PESA Integration Mistakes

1. Not saving callback data

Always store callback payloads and transaction references. They help confirm what happened when a customer claims they paid.

2. Marking payments as successful too early

Do not mark an order as paid just because an STK Push was sent. Wait for the correct payment result or verify using an official supported process.

3. No duplicate-payment protection

A good system should prevent one payment callback from crediting an order more than once.

4. Weak reconciliation

Businesses should reconcile successful payments, failed attempts, pending payments, unmatched callbacks and manual payments.

5. Poor customer support trail

Keep transaction references, phone number, amount, checkout request, status and time so support teams can trace payments quickly.

M-PESA Gateway Security Checklist

• Use HTTPS for your website and callback URLs.
• Never expose API secrets in browser JavaScript.
• Store credentials securely on the server side.
• Validate callback data before updating customer accounts.
• Log all payment decisions and status changes.
• Use role-based access for admin payment dashboards.
• Protect customer phone numbers and payment data.
• Keep official credentials separate for test and live environments.

Security note: Never ask customers to enter their M-PESA PIN on your website. The customer should enter their PIN only on the official M-PESA prompt on their phone.

Useful M-PESA Tools

Use our free tools and guides to estimate charges and understand M-PESA payment flows before building your payment setup.

Open M-PESA Charges Calculator Read PayPal to M-PESA Guide

Frequently Asked Questions

What is an M-PESA payment gateway?

An M-PESA payment gateway is a payment setup that allows a website, app or business system to accept, verify or process M-PESA payments digitally.

What is STK Push?

STK Push is a payment flow where a customer receives an M-PESA prompt on their phone and confirms the payment by entering their M-PESA PIN.

Do I need a PayBill or Till Number for M-PESA integration?

Many business payment setups use a PayBill, Till Number or approved business shortcode. The exact requirement depends on the official Safaricom/M-PESA product and your business use case.

Can M-PESA be integrated into a website?

Yes. Businesses can integrate M-PESA payments into websites, apps and backend systems using official supported M-PESA API channels and approved credentials.

Is this an official Safaricom integration page?

No. This is an independent educational guide. Always confirm integration requirements, approval and technical steps from official Safaricom and M-PESA platforms.

Official References

• Safaricom Daraja Developer Portal
• Safaricom Daraja APIs
• Safaricom M-PESA API
• Safaricom Business PayBill
• Lipa na M-PESA

This article is a simplified independent guide only. It does not replace official Safaricom, M-PESA, legal, tax, banking or technical advice.