Consumers don’t seem to understand what’s happening with their data — does it matter?
- Research shows 76% of fintech users are unaware that apps can sell their personal data to other parties.
- 40% of fintech users plan on decreasing their usage, citing fintech’s lack of responsibility in the event of a breach and its indefinite retention of user data.
The U.S. today stands at a crossroads, paving the way for a fully optimized digital future. Fintech has risen in popularity, becoming a part of 88% of Americans’ lives. What’s powering this technological revolution is data, flowing around the bank and non-bank ecosystem like blood to organs, with third-party service providers functioning as arteries and veins. However, with so much of users’ sensitive financial and personal data out there, people find themselves more vulnerable to risks of data privacy and security than ever before. In just the second quarter of 2021, data breaches were up by 38%, projected to reach all-time highs as the year ends.
So, the questions that arise are this: Do Americans signing up for fintech services know the risks they’re taking on? Are they aware of how their data is stored and moved around? Do they understand what fintechs do with the data they collect?
The one-word answer to all those questions is no.
Users’ understanding of what non-bank fintech apps do with their data remains low, often because complex and lengthy disclosures throw them off. The majority of people (59%) believe that fintech applications only use the data that users allow them to, as per a new survey by The Clearing House. However, since 77% reported not reading all the terms and conditions, users have little idea what they’re allowing apps to do with their data. Only about 22% said they were aware that fintechs access their data regularly, while 54% said they were uncomfortable with that.
Data aggregators are big players in the fintech space, operating behind the scenes, with no direct relationship with the end consumer. Aggregators work with fintech firms and banks, playing a key role with respect to accessing, storing, and sharing a consumer’s financial data. Yet, the survey found that 80% of consumers remain unaware that fintechs frequently use third-party data aggregators, and 53% are uncomfortable with this fact. While 1 in 5 respondents admitted they had no idea how non-bank financial applications use their data, 36% thought the applications do whatever they wish with their data.
Consumers’ responses also revealed that they often don’t know what data they’re sharing and with whom. 73% said they were unaware that these applications have access to their bank account username and password. 70% said they were unaware that they had shared their bank account, credit card, and debit card numbers. This raises a question about whether such apps’ user interface design contributes to misguiding users. The use of bank logos and color schemes on such apps may lead consumers to believe they’re sharing information with their bank, and not a third-party non-bank service provider.
Consumers’ responses also showed that they had little idea about the duration for which non-bank finance applications access their data. While 21% believed that once submitted, their data remains always accessible, only 23% were aware that they must manually revoke their consent, or change banking credentials, to deny fintechs access to their data. While such disclosures are generally available in the terms and conditions of fintech apps, the ethics behind burying such information are questionable, at the very least. Only 23% of respondents were aware that fintech apps retain access to their information indefinitely, even once the app is deleted – and 58% said the knowledge brought them discomfort.
Fintechs often take little responsibility in the event of a security breach or data leak. An analysis of the terms and conditions of major apps revealed that, by agreeing to them, consumers agree to cap the liability of the financial app at a relatively small dollar amount. While only 1 in 5 users was aware their service provider may assume no responsibility for theft of their financial information, almost 3 in 5 were discomforted by the revelation.
After being shown a plethora of facts and figures, respondents were found to be more concerned about the data they share and what happens with it. They desired more control over their data and reported wanting a say in what apps can do with it. The majority of the respondents said they would like to control which of their financial accounts and what kind of data can be accessed by any third party. They also said they would like to be explicitly asked whether they want to share their information, for each third party seeking their data.
Users were also asked what mechanisms they would like to fulfill their desire for control and liberty over their data. More than half said a permission settings page within the fintech apps they use was the way to go, while almost as many said a permissions page should be present within their primary bank’s application.
There’s a lot of good that comes out of crunching numbers, and today’s technological advancements are proof of that. However, users being kept in the dark about the inner workings gives rise to feelings of discomfort and insecurity, which simultaneously threatens to put those very advancements in a bad light. With the world increasingly connected by data, what happens with it has real-world implications for a user. In that sense, people deserve greater transparency over what’s going on behind the curtains.