Learn Marketing & Strategy Insights, You Will.

Tag: privacy (Page 1 of 3)

Privacy: A Guide for People (Part 1 – Things Your Credit Union Can Share)

Originally published on CUInsight.com

Updated 4/6/21 with details on FLoC testing

Privacy. Buzzword doesn’t even begin to describe it. You discuss it in your board meetings. It’s mentioned ad nauseam on news stories at every level.

It played a major role during the coronavirus pandemic. Conflicts between the right to privacy and informing fellow workers of infected persons raised a lot of ire.

Tracking exposed people using anonymous phone location data built maps where we could watch the virus spread. Was that a public health requirement or privacy violation? Or both?

And now, with Apple and Google having built an Exposure Notification API, everyone’s devices could help us know when you’re exposed. Are there privacy implications? You bet. That’s why they listened to get it right.

Too bad our national and local governments mostly passed up using the tech to help save lives…because of the privacy issues out there, this wasn’t the “hill to die on”.

We debate the details of privacy and what it means with respect to national security, crime, and business. In fact, privacy is a topic of discussion in nearly every area of life.

Private Sign on Chain

Yet why do we seem to have less of it than ever before?

This post will look at what privacy means for your credit union, your members, and how its perception evolves over time.

You’ve Been Logged

Of course, you’ve already been logged. “Let me count the ways…” Where do we even start?

For the more mundane, we’ve got cookies in your web browser. They help sites recognize you upon your return. This is what lets you “stay logged in” on Gmail or any other service.

We’ll get to the more interesting systems later.

Tracking for Good

Tracking isn’t inherently bad. You can’t personalize if you don’t have any knowledge on who is doing what. The key is to embrace your data to improve your experiences without getting creepy.

Cookies

From your standpoint, cookies are a fun tool. They can be used to remember members upon their return to your site. United Texas CU embraces this with their full-page assistant.

United Texas CU Homepage
Well, hello there.

You can take it even further by proactively offering assistance based on their previous visit actions. If a member visited your Checking page before, display your account options on the homepage.

The same can be done with Auto Loans, where you display your Car Buying Service and your “as low as” rate.

In a way, members feel recognized and appreciated. It’s not creepy and helps everyone. Think of it like the Recommended Items on your Amazon homepage.

There’s also 3rd party cookies, which follow you around the internet and are not in the same category at all. We look at those below.

Account Alerts

Did you know that in 2019, there was a 31% drop in average annual number of overdrafts per account? Unfortunately, it’s not because people suddenly had more money. Or that they could avoid overdrawing their accounts.

Bell

It’s been attributed, at least in part, to proactive account alerts: Push notifications from the banking app to warn on low balance. Does your app do that? Because others do it with a lot of style.

On one side, it will cost money to implement and reduce fee income. However, I believe the credit union mission demands it. There are a lot of other ways to grow revenues that don’t involve punishing those already least able to afford it.

From your member’s perspective, you are providing a helpful service that assists them in better managing their available funds. And saves money. Plus, it can be part of a financial literacy effort. If nothing else, it’s financial empowerment.

Account Insights

Some of the big banks have digital assistants in their apps to give additional insights. For example, Bank of America has Erica (Get it? Brilliant, right?).

You can ask Erica questions by text or voice, both using natural language. For example, you can say, “how much did I spend on groceries this month?” Or, “what are my recurring charges?”

Coins and Calculator on Budget

Helping members get a better view on their money (and take actions on it) will keep you from becoming a “dumb bank”.

Tracking You May Not Know About

With our smartphones comes an impressive array of sensors and software systems. Put together, they can learn an insane amount of information about you.

We’ll talk about them, but there’s also other personal information you’re giving up without even realizing. Some you can restrict. Most you can’t (though Apple’s new App Tracking Transparency will give you lots more control).

Location

Your phone has GPS. So it knows where it is in the world. That means your cell phone provider also knows. Granted, it needs to so it can choose which tower to use (for rough location, they’ve always known).

Blue Location Pin

With apps, you can choose to allow them to access that location information. It’s helpful to find ATMs, use maps, or any of millions of other functions.

Did you know you can restrict this access? Your phone lets you choose whether the app can access your location at all, while it’s open, or always (yes, even when it’s not active at all).

For example, Bank of America asks for Always location access to match your phone’s location with card purchases. If your card is in Sacramento and you’re in Boston, there might be a problem.

Many apps ask for your location to sell that data to advertisers. You didn’t think that amazing game was free free, right?

Find your phone’s location privacy settings (iPhone: Settings/Privacy/Location Services). Lock it down as much as you can while still allowing desired functionality.

I recommend turning off “Precise Location” on any apps that don’t need to know where you are to the foot. If you must leave location on for Facebook, this is the setting to use.

Beyond GPS

GPS is your primary location system on phones, but it’s not the only one. Bluetooth does more than connect to your headphones. It is a form of precise location as well.

This is done in two ways:

Bluetooth Icon
  • Detection of Bluetooth beacons installed in the environment around you
    • Example: In a clothing store, when their app is open, it may use these beacons to offer section-specific coupons.
  • Looking at every Bluetooth device around you and their signal strength or change over time
    • This is how Apple Maps determines traffic. Your iPhone listens for every other iPhone’s Bluetooth signal as you’re driving along. When it detects the GPS speed is slow and also many other iPhones, that’s a good indicator of traffic.

COVID-19 Exposure Notification API

Who knew when I wrote this that there would be a global use of Bluetooth tracking? Well, there is. Apple & Google partnered to build a COVID-19 Exposure Notification API. With it, phones use Bluetooth to look at nearby devices.

While preserving privacy, your phone will monitor other Bluetooth devices nearby, behaving similarly to the traffic tracking. It will look at signal strength to determine distance (instead of speed). This gets anonymized and sent to their servers.

Public health authorities and individual users will mark people who have tested positive. Then, the system will match that device’s identifier to all those who were in proximity. Each of them receive a notification they may have been exposed.

It’s already on your phone. Even though it’s really a bit late, there is still time to demand your national and state governments build apps to “light it up”. Without exaggeration, it will save lives.

Other Bluetooth Uses

To address the issue of apps (like Facebook) using this Bluetooth data to get location information on you, even when you had Location Access off, Apple made apps get permission to use Bluetooth.

It’s another section in Privacy on your iPhone. Check it. Turn off those which aren’t using devices or services (while leaving it on for apps like Tile, which use it in the background to help others find their stuff).

There’s a whole lot more we can discuss on the topic of location data from phones/watches:

  • The accelerometer knows how and where it’s being held/carried
  • The gyroscope can detect how it moves in an environment
  • In theory, this data can show limps, desired accessories (purses, pockets, etc.), activity levels, or other potential health characteristics

Yeah, it gets a little nuts. But it’s happening. My main advice here? Only install apps from companies you generally trust and keep access permissions as low as possible while preserving app functionality.

Data Scraping

There’s a reason the Privacy section of your iPhone has categories beyond Location. Apps can collect an enormous amount of data from users, some without their knowledge (hence why there’s so many privacy sections).

Data Knowledge Learning Road Sign

This can include contact lists (known good e-mails, addresses, and phone numbers), recordings from around you (yes, some apps really are listening!), photos or camera, and more. Each requires permission.

For your financial institution, you don’t have to worry about this from your app. However, it’s good to know what’s possible. In some way, you might wish to use certain functions to improve member experience.

Advertising

It’s unlikely your mobile app has ads, beyond internal banners for financial services. A lot of others do. While I get that a “free internet” needs ads to fund it, we can do better.

Rogue ads that get into rotation on services like Google’s Double-click or Adsense networks can cause issues. They may collect data and send it back to sites for distributing malware, phishing messages, and more.

Analytics

Even apps without ads might have some form of tracking. Under the guise of “analytics”, some apps collect a large amount of usage data. Why? To sell it, of course! That new Apple privacy feature? It’ll stop this. Thank goodness.

Just make sure when you open an app (after updating to iOS 14.5), tap “Ask Not To Track”. Done! Moving forward, you can always look at an iPhone app’s Privacy Label in the App Store to see what data they use to track you.

So what might an app be learning from your use? In other words, what do they consider “analytics”? Here’s just a few items included in Apple’s Privacy Label (all are included in LinkedIn to track you):

  • Precise/Coarse Location
  • All contact information
  • Advertising data (if you’ve ever tapped an ad, commented, liked, or just looked at one for any length of time)
  • Product interaction (literally how you swipe, tap, linger, and otherwise behave in an app)
    • Also, what you’ve typed (or potentially written, then erased) inside the app
  • Contacts
  • Emails
  • Text messages
  • “Other data types” (so, assume everything not already mentioned)

For this and more, you can always check Apple’s App Privacy labels in their store. In addition, they will soon allow you to disable tracking (which has a few big data scrapers up in arms…it’s delightful): App Tracking Transparency.

I use Lockdown on my iOS devices to block many of those servers straight up. Within Safari, I also run Firefox Focus as a privacy filter (perhaps overkill, but there’s no harm).

Additionally, on Firefox (when I want more protection), I use Privacy Badger, Decentraleyes (addresses tracking through CDNs), and uBlock Origin.

If you handle the IT for your credit union, learn how Privacy Badger supports enterprise deployment and configuration. This lets you protect all your connected systems through unified management and can help prevent malware entering your network.

3rd Party Cookies

Cookies
Still not these?

Cookies again? Yes. They’re not just for the website you’re visiting. 3rd party cookies, which I’ve been blocking for many years (it’s a simple browser setting), track you across the internet.

These are one of the tools advertisers use to show ads for that beach chair you looked at a week ago on every other site. And it’s going away.

Google recently announced they’re removing support for 3rd party cookies in Chrome by 2022. So no more ads? Not quite.

First, this only affects Chrome (~60% of desktop browsers in US). Firefox and Safari blocked 3rd party cookies by default for a while now. Second, it doesn’t affect their own ads. Why?

Because if you’re using the (Google) Chrome browser, they’ve already got all the tracking data they need. This change won’t hurt them one bit. In fact…

Chess Board
The Google strategy game continues…

In my opinion, Google is doing this to build their own business. They’re making it harder for other advertisers to gather data, while ensuring they’ll have the most personalized ads to display.

And their new test of the system (called FLoC) seems to reaffirm this suspicion. If you use Chrome, you might be included in their trial without any knowledge. That’s only one of the “not cool” things about this system.

Why would your credit union care about this change? Well, it affects your marketing strategy. If you’ve been using targeted ads across the web, it may require a rethink.

Of course, with our company’s Learning Library and laser-focus on providing honest, quality content, we lean towards the old-school SEO path. It’s not just us suggesting that strategy, either.

How to deal with this upcoming change? Connect with members. Produce great content. Share on social media. Use e-mail, text (SMS), and notifications, when appropriate. Don’t just say you’re unique. Be it.

Changing Norms

Finding this balance between “invading” privacy (through any means) and providing a useful service is a challenge.

It’s also essential to your future. At the same time, norms regarding what information can be shared is changing.

People are now ok with some forms of data exchange (I give you my information for this service).

My intention in this post was to expose you to just some of the methods in use today for tracking. And give you something to think about regarding member privacy.

Part 2 Dives Deeper

We went far enough today. This topic can cover books and still just scratch the surface. It’s changing all the time, both on the tools at your disposal and the strategies taken to get more data.

The second part of this Privacy Guide is going to look at individual risks. We will review privacy settings on phones, discuss some recent hacks that will make you rethink posting “Public”, and preventative tools to lock down your online and real-world presence.

Why, as a credit union, would you care about these things? Great question. First, you’re a person, which means all this applies to you, too. Plus, as a credit union, you aim to protect members’ financial lives.

We will also look at ways your credit union can share information to enhance the member experience. You won’t be alone; it’s already a big deal.

Data is a huge part of every aspect of life. We must ensure it’s moved, secured, and treated with care.

Be sure to Subscribe to CU Geek so you don’t miss any posts! Also, follow me on Twitter, where I share all sorts of intriguing content. And geek out about Doctor Who. Team TARDIS for life!

Why Senior Photo Sharing Can Risk Your Data (And More!) [Video]

Everything is strange now. If you’re reading this after we’re out of the weeds, congratulations. Because right now? It’s strange.

One disappointment for many is graduation. It just won’t happen. Or at least not how seniors expected. So, as support, a social media movement arose to share your own senior photo. I don’t get it, either.

A teenage certainty is that old people are not cool. So old people showing how old they are by sharing photos as teenagers? Yeah, as I said, we’re in strange times.

Anyway, it’s just a whole bunch of scared and restless people trying to help. Which I respect. We’re all in this together, in totally different ways.

So, Data Security?

Yes, sharing your senior photo (along with supplemental info, for some reason) is bad. And that data is getting scooped up for nefarious uses. Like what? Well, that info tends to answer a lot of security questions.

And don’t get me started on those Facebook personality tests that you have to tap Play and allow your info to be shared. Don’t. Do. Them! It’s literally handing your data over to someone you don’t know at all.

Definitely watch below to hear my perspective on security questions.

In fact, watch below to get the story. Ok, not the whole story, but the part that I could fit into a few minute video. Data security is important, and as a financial institution, it’s in your best interest to extend good practices far and wide.

Oh yeah, there’s captions for your muted enjoyment.

FYI: The shirt is from an annual run put on by local high-schoolers to raise money for a children’s cancer hospital. I’m a huge fan of the irony. And these teenagers are consistently awesome. I’m really sorry they’re missing graduation.

Apple Reinvents (Improves?) the Credit Card

Today, Apple held their seasonal keynote event, to highlight new services in a range of categories. You may get a kick out of their Apple TV+ lineup. Maybe you’re stoked about reading all your magazines on your iPhone with Apple News+.

But you’re here for Apple Pay improvements. We are talking about the banking world, right?

What is Apple Card?

In the most simple terms, Apple introduced a credit card. They’re calling it Apple Card. (PS – They partnered with Goldman Sachs. Remember talking about that?)

It’s a “mobile-first” card, in that you do most of your spending, tracking, and reward redemptions all within the app.

The entire platform lives within the native Wallet app in your iPhone. No more downloading a banking app just to pay the credit card bill.

Apple Card - Physical
Titanium. Seriously. (And no numbers to get stolen!)

You can track spending by category, merchant, and even view trends. Payments are simplified, with realtime interest calculations based on what you choose to pay. And rewards deposit daily (they’re calling it Daily Cash) into your Apple Cash account (we’ve spoken about this before).

And the physical card is shiny! (It’s made out of titanium!)

Fabulous metal aside, you care about what the card offers. And is it a threat to your institution?

Spoiler: Yes. Probably.

The Apple Strategy

With more than a billion active devices, any time Apple does something, it matters. Few companies have the ability to affect the behaviors of so many so quickly. I’m not even suggesting you try.

What they did with Apple Card is look at all the pain points within the credit card realm:

  • Applying
  • Tracking spending
  • Paying
  • Redeeming (and understanding) rewards
  • Understanding interest costs (and how to minimize)
  • Getting questions answered

Then they added a bit of Apple touch to align the offering with their mission:

  • Privacy
  • Security
  • Beauty (it’s subjective, sure, but the card is so pretty!)

The result is a mobile-first, simplified, and streamlined vision of a credit card.

Here’s how they addressed those pain points:

  • Application: Tap to apply. Done. It automatically issues the digital version, adds it to your Wallet, and that’s it. The physical copy gets mailed.
  • Tracking spending: The app color-codes spending categories, gives merchants their real logos, and uses machine learning (AI) to decrypt those obscure “IC SPEND A-MERCH 14312” charges (it was the Greek food truck, by the way). It will even show it on a map and link to it on Yelp!
  • Paying/Interest: Graphical wheel that you slide your finger around to see your payments change, along with the interest accrued. Financial education with a swipe.
  • Rewards: 3% at Apple, 2% using the digital version, 1% with physical card. Redeems automatically as cash every day (with notation) into your Apple Pay Cash card. Which you can spend at merchants, online, send to friends/family, and more.
  • Privacy: No merchant gets any details about you on any purchase.
  • Security: Every payment uses a one-time code (just like any other ApplePay transaction). Suspicious transactions appear as notifications (and can be approved or denied with a tap). A new card is sent out and no changes needed.
  • Support: Using Business Chat for iMessage, customers can simply text their question to the service. A person answers and helps them out. Through their normal messaging app.
  • Fees: They don’t have them. Any. At all.

Can Your Credit Union Compete?

That’s a great question. On the surface, no. You cannot create such a streamlined system with the tight integration between bank and provider.

However, all is not lost!

I’ve made a point to talk about partnering in many previous posts. It’s just as valuable (if not more so) today!

Your institution is good at the money part. You might also be great in the relationship area.

But, let’s be honest. You’re not awesome with the technology. It’s a constant effort to keep up with evolving expectations as it is, right?

Two People Talking Over Coffee

That’s why you need to partner with companies who specialize in these things. My last post talked about making member communication simple. That’s one of their pain points!

Another post addressed the issues with boring transaction sheets. Am I spending too much on hummus? (The answer to this is, of course, never!)

And the most cynical/sarcastic/actually realistic answer to this question:

Sure, because it only works for members with an iPhone. Look at all those Android users you can still attract!

Mobile First = Simple First

White iPhone in Hand

You’ll hear a lot of talk about how “mobile first” design is essential. That making services for a computer is immediately alienating your target audience. I’m betting the firms which sell you these platforms will be climbing over each other to talk about how their stuff is so mobile first ready.

It’s not wrong. There’s a lot of value to making sure your offering is accessible from where people are.

However, I want to be clear:

Mobile First doesn’t just mean you need to make sure it works on phones.

Mobile First means that your driving strategy is:

How can we make something so simple, so intuitive, so obvious that members can do what they want in a few seconds?

Apple stepped back and saw many of the traditional challenges in credit cards. Then, they built a system (with appropriate partners) to overcome these “yucky spots”.

Filament Bulb Hanging

It’s about looking at what the real problems are, and how you can address them.

If Edison had only tried to make a brighter candle, he would never have invented the light bulb.

To help illuminate (pun actually not intended, but enjoyed) your best path forward, I encourage you to Subscribe to my blog.

Image credit: Apple

« Older posts

© 2021 Credit Union Geek

Theme by Anders NorenUp ↑