While the pandemic has driven a 72% rise in fintech app usage, it hasn’t been a perfectly uphill rise.
According to research from PYMNTS.com and Entersekt, 30% of US consumers still do not trust data security when using their mobile banking apps.
Earlier, a Nerdwallet survey from January 2020 already found that 21% of US adults do not use mobile payment apps with 42% of that group saying it’s because they don’t trust fintech app security.
Getting a customer to place their private data — and their money — in your fintech app requires an incredible amount of trust on their part. For the convenience of being able to use your service, they hand over personally identifiable information such as payment information, financial history, bank account login details, Social Security numbers, and much more. In short, customers hand over the keys to their accounts.
In return, your company will know what the customer spends on or invests in, how much they save or consume, how often they get paid, and any number of variables depending on what type of fintech service your app provides. And depending on what software or SDKs are used in your app, that could mean customer data is shared with third-party services in order to score, rate, or rank customers in anything from loan applications to job interviews.
Privacy Concerns: Phishing, Scams, Data Breaches
There are a ton of horror stories out there, whether you’re looking for them or not. Everything from friends’ personal anecdotes about hacked accounts to news stories about the latest data breaches — whether these are fintech apps or other online services that handle a ton of customer data.
There was already acute awareness of data privacy issues back in 2018, where a consumer research study found that 99% of users were “at least somewhat concerned” about data privacy.* And the attempts at grabbing that data are staggering.
How then is a fintech app supposed to safeguard the data privacy of its users and ensure that none of this information is compromised?
How to Fix Data Privacy
1. Adhere to Security Best Practices
There are too many best practices to list in a high-level article like this. But those best practices had better include writing secure code, using encryption, using only authorized APIs, exercising caution in the usage of third-party code libraries, only storing crucial information, and forcing the use of complex passwords or 2-Factor Authentication. The point being: data privacy begins with the first line of code written for an app and extends to how you store and access customer data.
2. Educate Your Users & Give Them Control
From a customer-facing standpoint, there has to be an increased effort to educate users and make them aware of how your fintech app works. In short: tell them how your app accesses, collects, stores, uses, and shares their personal and financial data.
Because for many regular users, financial technology is a mystery. But the fact that they’re using your app means they’re willing to step into your world and use your services, and may want to learn more about it. Use layman’s terms then to teach them about:
- What they should do to keep their accounts safe and secure
- What security you have in place to protect customer data
- What type of data your fintech app collects
- Whether their data is sold or shared with other companies, and why
- What a user can do to control the collection of data
Customers have pretty straightforward expectations when it comes to data privacy. Basically, they want to be able to control access to their information.
A 2018 study by The Clearing House shows that 56% of respondents “would like to control which of my financial accounts and data types can be accessed by any third party.” And when presented with choices, 50% of respondents would prefer some sort of permissions dashboard within the application that allows them to control this.
3. Rally for Secure APIs
Within the fintech industry, there is room for better and more widespread usage of secure APIs (application programming interfaces). In simplest terms, instead of a user logging into his bank account in order to permit a fintech app to use it for payment, secure APIs could be set up between the bank and the fintech service allowing a user to control which apps can access their bank account. And therefore, no need to let yet another app know what your username or password combination is.
But in order for these secure APIs to be created and work seamlessly, you will need a team effort from all involved, which brings us to the last element.
4. Push for Better Industry Collaboration
None of this will work without industry stakeholders teaming up to improve both the guidelines and the technical standards that govern the access and storage of consumer data in the financial services vertical. The idea is to build a more secure, more unified experience for the end-user — whether you’re their bank/neobank, insurance app, budgeting app, mobile payment service, stock trading app, or blockchain app.