Data Privacy Day: Do you know where your data is?

Next story

Data Privacy Day, also known as Data Protection Day, is held each year on 28th January and aims to raise awareness across the globe about the importance of keeping personal data secure, informing people about the risks associated with the illegal mishandling and unfair processing of their data.

One of the most important steps in protecting your data is knowing who has access to information about you. However, according to new research from ESET into data security and financial technology or 'FinTech', 42% of worldwide consumers use a free FinTech application, but of these, 50% don’t know if the app they use sells their data.

ESET surveyed over 10,000 consumers across the UK, US, Australia, Japan and Brazil, and the findings demonstrate that FinTech applications are extremely popular these days, as people look to technology for new ways to manage and invest their money from payment apps, such as PayPal and Venmo, to blockchain and cryptocurrency platforms. Concerningly, though, half of these FinTech users are not informed as to whether or not their personal data is being handed over to third parties.

This may not seem too shocking to some, as we have become increasingly accustomed to our data being collected by the hundreds of different services that we sign up to when using our mobile devices and computers. However, there is a range of potential threats that come along with using free services, and it is important that we remain vigilant as to whom we are giving our data.


The dangers of free apps

There is a popular adage that states, “If you’re not paying for it, you are the product.” While this may sound sinister, in the case of applications it tends to ring true: if developers aren’t making money from download fees, it is likely that their revenue is coming from in-app advertising, monitoring your activities and selling your data, or at least collecting your data to further improve app features.

Companies can harvest a whole host of information as you use their apps, including personal details such as your name, age and address; your browsing and spending habits; your contact lists; and even your location. They can then sell all of this to third parties, be it other finance and tech firms or marketing and advertising companies, who use this data to direct targeted adverts at you.

There is also a threat posed when free apps are not updated regularly, as they can have vulnerabilities that leave the app open to attack from hackers. Even worse, malicious actors can create fake or malicious applications that try to trick people into unwittingly handing over personal information, like payment details and account credentials, or infest your devices.


The importance of securing personal data

It is therefore vital to know who has access to your data, what information they have access to and how securely it is stored. If FinTech companies do not store your data securely, it could fall into the hands of malicious actors in the event of a data breach.

Hackers could then sell your personal data on the dark web to criminals, who can use it for a range of nefarious purposes, such as identity theft to apply for loans or file tax returns fraudulently. Personal information can equally be used as a hook in phishing attacks that attempt to finagle you out of your credit card details.

Alternatively, if password data is involved, hackers can hijack your online accounts. Having done so, they can request new user information to lock you out, then attempt to make purchases or steal your money.


What to do to keep your data safe

With all of this in mind, it is important to limit how much data you hand over to app providers, and to ensure that the providers that you give data to are legitimate and trustworthy. To that end, the first thing you should keep in mind is to stick to official app stores, such as the Google Play store and Apple’s App Store, when downloading applications.

The Google Play store and Apple’s App Store have high standards for vetting apps for security risks before allowing them to be distributed. As part of Google’s App Defense Alliance, ESET scans apps for malware and potentially harmful or unwanted software, prior to their being published on the Google Play store. This provides a crucial layer of security to Google Play and helps Android users feel confident that the apps they are downloading are safe.

Secondly, before downloading, take time to search the web for information about the app that you are downloading, and to take a look at the app’s reviews to find out whether there are any concerns as to the company’s data practices. Where possible, it is also advisable to read the data privacy policy to make sure you are comfortable with what the provider will do with your information.

Next, go into your phone’s settings to review the permissions that you have granted to the apps you have already downloaded to make sure you agree with the data that is being collected. Where possible, avoid giving permission for apps to access geographic location, personal information or contact lists.

Lastly, as always, make sure to use secure Wi-Fi networks when using FinTech apps, and use a strong password across your online accounts. Struggling to generate a strong password? Try our password generator, with no obligations and no tracking.

It is ESET’s mission to ensure that your most valuable information is protected with cutting-edge antivirus technology, so for more information on how to keep yourself and your devices safe, head over to our website.