Data Privacy Day: Do you know where your data is?

Next story
Editor

Data Privacy Day, also known as Data Protection Day, is held each year on January 28 and aims to raise awareness across the globe about the importance of keeping personal data secure, informing people about the risks associated with the illegal mishandling and unfair processing of their data. 

One of the most important steps in protecting your data is knowing who has access to information about you. However, according to new research from ESET into data security and financial technology (FinTech), 68% of FinTech users have free services, but of these, 50% do not know if the app they use sells their data.

ESET surveyed 10,000 consumers across the UK, US, Australia, Japan, and Brazil, and the findings demonstrate that FinTech applications are extremely popular these days, as people look to technology for new ways to manage their money, from payment apps such as PayPal and Venmo to blockchain and cryptocurrency platforms. Concerningly, though, half of these FinTech users are not informed as to whether or not their personal data is being handed over to third parties.  

This may not seem too shocking to some, as we have become increasingly accustomed to our data being collected by the hundreds of different services that we sign up for when using our mobile devices and computers. However, there is a range of potential threats that come along with using free services, and it is important that we remain vigilant about whom we are giving our data to.

The dangers of free apps
There is a popular adage that states that if something is free, you are the product. While this may sound ominous, in the case of applications it tends to ring true; that is, if a developer isn’t making any money from download fees, it is likely that their revenue will come from advertising to you, monitoring your activities, and collecting your data.

Companies can harvest a whole host of information when you download their apps, including personal details such as your name, age, and address; your browsing or spending habits; your contact lists and call history; and your location and storage. They can then sell all of this to third parties, be it other finance and tech firms or marketing and advertising companies, who use this data to direct targeted adverts at you.

There is also a threat posed when free apps are not updated regularly, as they can have vulnerabilities, which can leave the app open to attack from hackers. Even worse, malicious actors also create fake applications riddled with malware, which are placed on app stores in order to try to trick people into unwittingly handing over personal information and payment details.

The importance of securing personal data 
It is therefore vital to know who has access to your data, what information they have access to, and how securely it is stored. If app developers and FinTech companies do not store your data securely, in the event of a data breach, it could fall into the hands of malicious actors.

Hackers can then sell your personal data to criminals on the dark web, who can use it for a range of nefarious purposes, such as identity theft, to apply for loans, or to file fraudulent tax returns. Personal information can equally be used as a hook for phishing attacks, or for the purpose of extortion, to attempt to convince you to give up your credit card information.

Alternatively, if password data is involved, hackers can hijack your online accounts. Having done so, they can request new user information to lock you out, then attempt to make purchases or steal your money.  

What to do to keep your data safe
With all of this in mind, it is important to limit how much data you hand over to app providers, and to ensure that the providers you give data to are legitimate and trustworthy. To that end, the first thing you should keep in mind is to stick to trusted app stores such as the Google Play store and Apple’s App Store when downloading applications.

Secondly, before downloading, take time to search the web for information about the app that you are downloading, and to take a look at the app’s reviews to find out whether there are any concerns as to the company’s data practices. Where possible, it is also advisable to read the data privacy policy to make sure you are comfortable with what the provider will do with your information.

Even though reputable stores like the Google Play store and Apple’s App Store are always monitoring apps for security risks, they cannot guarantee that some will not slip through the net, as malicious actors are constantly adapting. Therefore, searching for more information before handing over your data is crucial to avoid downloading a dangerous app.

Next, go into your phone’s settings to review the permissions that you have granted to the apps you have already downloaded, to make sure you are OK with what data is being collected. Where possible, avoid giving permission for apps to access geographic location, personal information, or contact lists.

Lastly, as always, make sure to use secure Wi-Fi networks when using FinTech apps, and change your passwords regularly to keep your accounts safe.  

It is ESET’s mission to help ensure that your most valuable information is protected with cutting-edge security software, so for more information on how to keep yourself and your devices safe, head over to our website.