You are currently browsing the tag archive for the ‘Patrick Traynor’ tag.

CFI Fellow Patrick Traynor, an Associate Professor in the Department of Computer and Information Science and Engineering (CISE) at the University of Florida, explains the second part of his research effort on the security and privacy of data in digital lending applications. Patrick’s previous post, explaining the first part of his research on evaluating the privacy policies of digital lending applications, can be found here.

“I’m sorry, but we are just not interested in providing security for our customers.”

Here is a phrase that you are unlikely to see from any company, at least if they want to stay in business. In fact, you are far more likely to see statements to the opposite. Yet time and again, the same services that tout security as something they care about prove to be tremendously vulnerable. Think about it – when was the last week that you didn’t hear about stolen Bitcoins, ransomware attacks, or data breaches?

If companies care so much about security, what is going on?

What Does “Secure” Mean?

Security is one of the least well-defined terms I know. By itself, it completely lacks context. Secure against what? Against whom? Under what conditions? Based on what assumptions?

Read the rest of this entry »

CFI Fellow Patrick Traynor, Associate Professor in the Department of Computer and Information Science and Engineering at the University of Florida, explains his research on the privacy and security of data in mobile lending applications.

We have all seen privacy policies before: sign up for a credit card and you receive a pamphlet with tiny print detailing your bank’s particular policy. Create an account at an online service and you will get a link to something similar from it, too.  These policies are supposed to provide consumers with detailed information about which pieces of their data will be stored, how they might be used, with whom they can be shared, and how they will be protected. Privacy policies are now mandatory for financial institutions in developed nations, and here in the United States we are provided protection by laws such as the “Gramm-Leach-Bliley Act” (also known as the Financial Services Modernization Act of 1999).

Unfortunately, the reality of such policies is often not so clear. Many of these policies are written by attorneys with the sole intention of being consumed later on by other attorneys. That means that, in some cases, even highly educated individuals without a degree in law may not be able to fully understand what they are reading. What chance does the common consumer have to understand such policies?

You would think that consumers would be up in arms. But, let’s be honest – most people have never actually read these privacy policies, yet alone tried to understand them. Have you?

So then why is it important to examine the state of privacy policies?

Let me offer first an insight into the role of studies like ours and then some comments on why privacy policies for digital credit matter.

Read the rest of this entry »

Enter your email

Join 2,138 other followers

Visit the CFI Website

Twitter Updates

Archives

Founding Sponsor


Credit Suisse is a founding sponsor of the Center for Financial Inclusion. The Credit Suisse Group Foundation looks to its philanthropic partners to foster research, innovation and constructive dialogue in order to spread best practices and develop new solutions for financial inclusion.

Note

The views and opinions expressed on this blog, except where otherwise noted, are those of the authors and guest bloggers and do not necessarily reflect the views of the Center for Financial Inclusion or its affiliates.