Oct 26 2021

Money20/20: The Future of Data Privacy in Financial Services

Data protection and customer experiences must work together.

As technology has advanced and new tools have emerged, customer experiences are more convenient than ever. They can pay through a watch or a phone, and they have unprecedented access to their bank accounts in real time.

That convenience comes at a cost, however. It relies on personal data being stored and shared between devices, accounts and applications, making data privacy one of the most hotly debated topics in business today.

This is especially true for financial services, which deal with the most personal of this data, such as Social Security numbers, credit scores and daily finances. The industry also has its own security regulations it must follow concerning privacy.

“Data privacy is no longer ‘a nice to have’,” Riddhiman Das, co-founder and CEO at TripleBlind, said during a session Tuesday at Money20/20. “Consumers are paying attention. Regulators are paying attention.”

At the Las Vegas conference, panels of experts tackled the complicated nature of data privacy in financial services — including how these protections can evolve to meet evolving customer expectations.

Predictions for Data Privacy in 2022

When developing data privacy policies and tactics, organizations can’t address only today’s needs. It’s critical that the changes made today also address the needs of tomorrow. Das said that organizations can start with a simple guiding principle.

“We need to make sure we’re operating from a principle of ‘Don’t be evil’,” he said, referencing an early Google motto.

Das joined Polsinelli privacy attorney Liz Harding and Guppy Co-Founder and CEO Sanjib Kalita on a panel that explored the data privacy trends set to advance next year. Up first was increased transparency around data, both from a governance perspective and from the consumer’s perspective. Kalita said that’s something Guppy is working on.

“We’re trying to use blockchain to really reinvent how credit data is used and to put the consumer firmly in control of their data,” he said.

The second trend the group identified is something they referred to as the “fintech sandbox.”

“It’s where a novel product or service is now needing access to customer’s data to deliver that service,” Das explained. Since this can be risky for the owner of the data, Das said he thinks there will be a movement to create cryptographic environments to protect these transactions.

The group also predicted that there will be a movement away from anonymous data. The panel acknowledged that no data is truly anonymous, as there are too many identifying markers for users, and Harding said that has legal implications.

“What the regulars care about is the fact that somebody may be able to identify the data,” she explained. If it might be able to be identified, the data still falls under current privacy protections.

The fourth trend the panel identified is decentralized data, approached more like an operating system rather than something that can be purchased and plugged in. The group also noted that the industry should expect to see more movement toward globally unified data protection regulations.

MORE FOR FINANCE: What the industry needs to know about cloud compliance.

Privacy’s Role in the Customer Experience

The customer experience around money and payments has grown by leaps and bounds in recent years. Developments in transaction processing and maturing technology have led to more seamless experiences when it comes to finances, but they still are not completely frictionless.

Rutherford Wilson, vice president of emerging technology at Trulioo, told the crowd at his session that when he was a child, he could go to a store in his neighborhood and get candy or food on credit. He said that the fact that the owners knew him and his family was enough for them to know that they would get paid. It’s that small community feel that he said is lacking right now in the digital space.

“When we do things online, people don’t know all those things about you,” Wilson noted.

The system currently solves for that by using tools like passwords and biometrics. These advances, including single sign-on, have helped make some processes simple, but there is another level that businesses should be reaching for: invisible authentication.

“It starts with being able to verify who you are,” Wilson said. “That concept of doing that identity verification is the basis of establishing trust and safety on your site.”

He said businesses can use things like device intelligence, IP addresses and more to verify a customer’s identity in the background. This way, when it comes time for a transaction, there is one less barrier in the experience.

“Your identity is your passcode for getting to all of this online business,” Wilson said.

He acknowledged that there are security concerns, but that addressing those concerns must consider the customer experience to truly be successful. From regulations to execution, financial services can make strong strides in data protection while enhancing the customer experience. 

utah778/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.