Google And Facebook Hit With $238 Million Fines In France Over Privacy Violations

France’s data protection regulator on Thursday hit Google and Facebook with fines of €150 million ($170 million) and €60 million ($68 million), respectively, for failing to provide internet users an easy way to disable online trackers, marking the latest in a series of fines faced by the two American tech giants for failing to comply with European privacy laws.

Key Facts

In a statement outlining its investigation, French regulator CNIL noted that Facebook, Google and Youtube’s websites offered a button that allowed users to immediately accept cookies but did not provide a similar button to easily refuse them.

The regulator added that the process of refusing the online trackers was several steps longer.

The CNIL ruled that this process affects users’ freedom of consent as it influences their choice of accepting or rejecting cookies.

While cookies can be essential for a website’s functioning—allowing for user authentication and remembering preferences among other things—they can also be used to track a user’s online behavior and serve them advertising.

In addition to the hefty fines, both companies have been ordered to update their interface for French users—making it easier for them to reject cookies—within three months.

Key BackgroundThe fines against Google and Facebook follow a series of similar regulatory actions facing U.S  tech giants including Apple and Amazon in Europe. In December 2020, Google and Amazon were hit with similar fines for their handling of web cookies to track user activities without seeking proper consent..

Last year, regulators in France, the U.K., and the EU initiated formal antitrust probes into Google and Facebook’s online advertising business. The European Union’s General Data Protection Regulation (GDPR) which went into effect in May 2018 has dramatically increased the powers of the bloc’s privacy enforcers. Under the law, serious privacy breaches can lead to fines of as much as 4% of a company’s annual global revenue.

Follow me on Twitter. Send me a secure tip.

I am a Breaking News Reporter at Forbes, with a focus on covering important tech policy and business news. Graduated from Columbia University with an

Source: Google And Facebook Hit With $238 Million Fines In France Over Privacy Violations

.

More contents:

What An Ethical Data Strategy Can Look Like

That’s according to Angela Benton, the founder and CEO of Streamlytics, a company that collects first-party consumer data transparently and aims to disrupt the current model of third-party mining of data from cookies and other methods that raise privacy and ethics concerns. Most recently, she was named one of Fast Company‘s Most Creative People for helping consumers learn what major companies know about them and paying them for the data they create while using streaming services like Netflix or Spotify.

In the latest Inc. Real Talk streaming event, Benton explains that she founded the company with minorities in mind, particularly the Black and Latinx communities, because of the disproportionate way they’ve been affected by data and privacy. For example, she points to the recent controversy over facial recognition data being sold to the police, which has a much higher error rate when comparing data of Black and Asian male faces, which could potentially lead to wrongful arrests.

“That becomes extremely important when you think of what artificial intelligence is used for in our day-to-day world,” she says, noting that AI is used for everyday interactions like loan applications, car applications, mortgages, and credit cards. Using her company’s methods, Benton says, clients can secure ethically sourced data, so that algorithms won’t negatively affect communities that have historically suffered from discriminatory practices.

Here are a few suggestions from Benton for finding data ethically without relying on third-party cookies.

Do your own combination of data sets.

“How [Streamlytics] gets data is very old school,” Benton says. Instead of relying on tech to combine data points, she says, you can manually compare data you already own and make assumptions using your best judgment. You may have data from a Shopify website, for example, about the demographic of your customers, and then you can go to a specific advertiser, like Hulu, for instance, to then target people that fit that profile.

Use your data to discover new products.

You can also look to your data to find common searches or overlapping interests to get ideas for new products, Benton says. Often, she says, she receives data requests from small business owners to discover ideas that aren’t currently on the market, for example, a vegan searching for a vitamin.

This combination method surprised Benton when she presented clients with data. “I thought it was going to be more focused on just like, “How can I make more money?” she says. “But we are hearing from folks that they want access to data to use it in more creative ways.”

Don’t take social media data at face value.

Benton and her company purposely do not source social media data because she thinks the data leave too much out of the full picture. You may get a customer’s age and “likes” from a social media page, but that doesn’t tell you what they’re searching for or what their habits are.

Related:

Data Privacy: 4 Things Every Business Professional Should Know

5 Applications of Data Analytics in Health Care

Data Science Principles

“That’s not, to me, meaningful data. That’s not where the real value lies,” she says. “We’re not focused on what people are doing on social media, we’re focused on all of the activities outside of that.” She gave a scenario where a consumer is watching Amazon Prime, while also scrolling on Uber Eats to find dinner.

Data signals are happening at the same time, but they’re not unified. It’s up to businesses to connect the dots. To Benton, that’s more meaningful than what you’re posting and what you’re liking on social media.

Source: What an Ethical Data Strategy Can Look Like | Inc.com

.

References:

“Datafication and empowerment: How the open data movement re-articulates notions of democracy, participation, and journalism”.

“Who Owns the Data? Open Data for Healthcare”.

“Note – The Right to Be Forgotten”.

“Big Data ethics”.

“Data workers of the world, unite”.

“Challenges and Opportunities of Big Data in Health Care: A Systematic Review”

Personal Data trading Application to the New Shape Prize of the Global Challenges Foundation

The Data Revolution: Big Data, Open Data, Data Infrastructures and Their Consequences

“Methodology – Global Open Data Index

The Open Knowledge Foundation

The 3 Biggest Mistakes the Board Can Make Around Cyber Security

The role of the Board in relation to cyber security is a topic we have visited several times since 2015, first in the wake of the TalkTalk data breach in the UK, then in 2019 following the WannaCry and NotPeyta outbreaks and data breaches at BA, Marriott and Equifax amongst others. This is also a topic we have been researching with techUK, and that collaboration resulted in the start of their Cyber People series and the production of the “CISO at the C-Suite” report at the end of 2020.

Overall, although the topic of cyber security is now definitely on the board’s agenda in most organisations, it is rarely a fixed item. More often than not, it makes appearances at the request of the Audit & Risk Committee or after a question from a non-executive director, or – worse – in response to a security incident or a near-miss.

All this hides a pattern of recurrent cultural and governance attitudes which could be hindering cyber security more than enabling it. There are 3 big mistakes the Board needs to avoid to promote cyber security and prevent breaches.

1- Downgrading it

“We have bigger fishes to fry…”

Of course, each organisation is different and the COVID crisis is affecting each differently – from those nearing collapse, to those which are booming. But pretending that the protection of the business from cyber threats is not a relevant board topic now borders on negligence and is certainly a matter of poor governance which non-executive directors have a duty to pick up.

Cyber attacks are in the news every week and have been the direct cause of millions in direct losses and hundreds of millions in lost revenues in many large organisations across almost all industry sectors.

Data privacy regulators have suffered setbacks in 2020: They have been forced to adjust down some of their fines (BA, Marriott), and we have also seen a first successful challenge in Austria leading to a multi-million fine being overturned (EUR 18M for Austrian Post). Nevertheless, fines are now reaching the millions or tens of millions regularly; still very far from the 4% of global turnover allowed under the GDPR, but the upwards trend is clear as DLA Piper highlighted in their 2021 GDPR survey, and those number should register on the radar of most boards.

Finally, the COVID crisis has made most businesses heavily dependent on digital services, the stability of which is built on sound cyber security practices, in-house and across the supply chain.

Cyber security has become as pillar of the “new normal” and even more than before, should be a regular board agenda, clearly visible in the portfolio of one member who should have part of their remuneration linked to it (should remuneration practices allow). As stated above, this is fast becoming a plain matter of good governance.

2- Seeing it as an IT problem

“IT is dealing with this…”

This is a dangerous stance at a number of levels.

First, cyber security has never been a purely technological matter. The protection of the business from cyber threats has always required concerted action at people, process and technology level across the organisation.

Reducing it to a tech matter downgrades the subject, and as a result the calibre of talent it attracts. In large organisations – which are intrinsically territorial and political – it has led for decades to an endemic failure to address cross-silo issues, for example around identity or vendor risk management – in spite of the millions spent on those matters with tech vendors and consultants.

So it should not be left to the CIO to deal with, unless their profile is sufficiently elevated within the organisation.

In the past, we have advocated alternative organisational models to address the challenges of the digital transformation and the necessary reinforcement of practices around data privacy in the wake of the GDPR. They remain current, and of course are not meant to replace “three-lines-of-defence” type of models.

But here again, caution should prevail. It is easy – in particular in large firms – to over-engineer the three lines of defence and to build monstrous and inefficient control models. The three lines of defence can only work on trust, and must bring visible value to each part of the control organisation to avoid creating a culture of suspicion and regulatory window-dressing.

3- Throwing money at it

“How much do we need to spend to get this fixed?”

The protection of the business from cyber threats is something you need to grow, not something you can buy – in spite of what countless tech vendors and consultants would like you to believe.

As a matter of fact, most of the breached organisations of the past few years (BA, Marriott, Equifax, Travelex etc… the list is long…) would have spent collectively tens or hundreds of millions on cyber security products over the last decades…

Where cyber security maturity is low and profound transformation is required, simply throwing money at the problem is rarely the answer.

Of course, investments will be required, but the real silver bullets are to be found in corporate culture and governance, and in the true embedding of business protection values in the corporate purpose: Something which needs to start at the top of the organisation through visible and credible board ownership of those issues, and cascade down through middle management, relayed by incentives and remuneration schemes.

This is more challenging than doing ad-hoc pen tests but it is the only way to lasting long-term success.

By: JC Gaillard

Source: The 3 Biggest Mistakes the Board Can Make Around Cyber Security – Business 2 Community

.

Critics:

A data breach is the intentional or unintentional release of secure or private/confidential information to an untrusted environment. Other terms for this phenomenon include unintentional information disclosure, data leak, information leakage and also data spill. Incidents range from concerted attacks by black hats, or individuals who hack for some kind of personal gain, associated with organized crime, political activist or national governments to careless disposal of used computer equipment or data storage media and unhackable source.

Definition: “A data breach is a security violation in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.”Data breaches may involve financial information such as credit card & debit card details, bank details, personal health information (PHI), Personally identifiable information (PII), trade secrets of corporations or intellectual property. Most data breaches involve overexposed and vulnerable unstructured data – files, documents, and sensitive information.

Data breaches can be quite costly to organizations with direct costs (remediation, investigation, etc) and indirect costs (reputational damages, providing cyber security to victims of compromised data, etc.)

According to the nonprofit consumer organization Privacy Rights Clearinghouse, a total of 227,052,199 individual records containing sensitive personal information were involved in security breaches in the United States between January 2005 and May 2008, excluding incidents where sensitive data was apparently not actually exposed.

Many jurisdictions have passed data breach notification laws, which requires a company that has been subject to a data breach to inform customers and takes other steps to remediate possible injuries.

A data breach may include incidents such as theft or loss of digital media such as computer tapes, hard drives, or laptop computers containing such media upon which such information is stored unencrypted, posting such information on the world wide web or on a computer otherwise accessible from the Internet without proper information security precautions, transfer of such information to a system which is not completely open but is not appropriately or formally accredited for security at the approved level, such as unencrypted e-mail, or transfer of such information to the information systems of a possibly hostile agency, such as a competing corporation or a foreign nation, where it may be exposed to more intensive decryption techniques.

ISO/IEC 27040 defines a data breach as: compromise of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to protected data transmitted, stored or otherwise processed.

See also

Apple Vs Facebook Who Will Win The Data Privacy War?

Apple Vs. Facebook – Who Will Win The Data Privacy War?

Did you know the average app includes six third-party trackers that collect and share your online data?

The war over data privacy continues to heat up in the tech world. Two of the world’s biggest technology companies, Apple and Facebook, are taking very different approaches to user privacy, and their decisions are having ripple effects throughout the tech community.

Apple’s New Transparency Requirement

Apple’s new App Tracking Transparency feature, which will automatically be enabled on iOS in early spring, forces app developers to explicitly ask for permission from users to track and share information for cross-platform ad targeting.

With App Tracking Transparency, Apple requires every iOS app to ask you upfront if they’re allowed to share your information with data brokers and other networks, so they can serve mobile ads to you and measure your response to those ads.

After this change is in place, you’ll see a notification the first time you launch any new app on your phone, explaining what the proposed third-party tracker is used for, and whether you want to approve or reject the tracking and sharing of your data.

Facebook CEO Mark Zuckerberg criticized Apple’s new changes publicly, saying they were specifically put in place to put Facebook at a disadvantage. Zuckerberg says Apple is Facebook’s biggest competitor.

But while Apple is adding more privacy features to give its users more control, Facebook is moving in the other direction.

The Thin Line Between WhatsApp and Facebook

Facebook recently announced changes to the WhatsApp Privacy Policy that have some users outraged.

Right now, WhatsApp has some features that allow users to communicate with businesses through WhatsApp chat—and some of those businesses are hosted by Facebook. According to the new policy, messages between the prospect or customer and the business they’re communicating with could be collected and shared with the larger Facebook ecosystem.

That means Facebook and its advertisers could potentially use customer service chats or transaction receipts for marketing and advertising purposes.

The content of users’ individual chats will continue to be encrypted, so they cannot be seen by the company. The data within those chats will not be harvested or shared with third parties. Nonetheless, Facebook faced a huge backlash against the new rules after the announcement, prompting them to publish an FAQ page to clarify the policy and reassure upset WhatsApp users.

The pushback was big enough that Facebook decided to delay the rollout of the new rules (originally slated for February) to May 15th. In mid-May, WhatsApp users will need to accept the new Privacy Policy terms, or lose access to their accounts.

For many WhatsApp users, this announcement was a distinct reminder that WhatsApp users are now Facebook customers, and over time, Facebook will be moving information between the two platforms more often, in the name of “interoperability.”

Transparency: Winning Hearts and Minds in the Tech World

Apple and Facebook often take different approaches to user privacy. More and more, Apple seems to be taking steps to be more transparent and to protect user data, including regulating app developers in their ecosystem.

Meanwhile, Facebook has trouble gaining the trust of many of its users, and the common assumption is that the company prioritizes the needs of its advertisers over the privacy of its users.

Clearly, the market is sensitive to privacy issues, and they want companies to be more transparent – as evidenced by the backlash to Facebook’s recent WhatsApp announcement.

In the long run, I believe the companies that are more transparent with their users and take a stand to protect data privacy will be the ones who succeed – but only time will tell.

Follow me on Twitter or LinkedIn. Check out my website.

Bernard Marr is an internationally best-selling author, popular keynote speaker, futurist, and a strategic business & technology advisor to governments and companies. He helps organisations improve their business performance, use data more intelligently, and understand the implications of new technologies such as artificial intelligence, big data, blockchains, and the Internet of Things. Why don’t you connect with Bernard on Twitter (@bernardmarr), LinkedIn (https://uk.linkedin.com/in/bernardmarr) or instagram (bernard.marr)?

Source: Apple Vs. Facebook – Who Will Win The Data Privacy War?

.

.

Only on “CBS This Morning,” Facebook CEO Mark Zuckerberg and his wife, philanthropist Priscilla Chan, invited us into their home. They have never allowed a TV camera crew inside before. Gayle King was able to see first-hand who this couple is outside their Facebook lives. They discussed raising their two young daughters and how family inspires the work they do. Watch “CBS This Morning” HERE: http://bit.ly/1T88yAR Download the CBS News app on iOS HERE: https://apple.co/1tRNnUy Download the CBS News app on Android HERE: https://bit.ly/1IcphuX Like “CBS This Morning” on Facebook HERE: http://on.fb.me/1LhtdvI Follow “CBS This Morning” on Twitter HERE: http://bit.ly/1Xj5W3p Follow “CBS This Morning” on Instagram HERE: http://bit.ly/1Q7NGnY
.
.
More Contents on Data Privacy:
Technology for Change Week Asia
events.economist.com – Today
[…] The fallout from the Cambridge Analytica data scandal raised important questions about data privacy and how companies use social media data for political and commercial gain […]
45
MySecurity TV – MySecurity Marketplace %
mysecuritymarketplace.com – Today
[…] Taskforce Recommendations and Dr Sushmita Ruj, Senior Research Scientist, Data61 discussing a new data privacy preserving tool fuelled by AI, called Personal Information Factor (PIF) […]
N/A
Senior Information Technology Cyber Security Analyst – London – Technojobs
[…] vendor risk, examining vendor contracts for terms of service, understanding third-party risk, and data privacy issues […] such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations […]
0
Marketing Communications Engineer – Java at JP Morgan, London, £Market Rate
contracts.contractspy.co.uk – Today
[…] ensures data quality, enforces governance and measurement, and complies with GDPR and other strict data privacy requirements […]
0
NetApp : Accelerate your storage—first the cloud, then to infinity and beyond | MarketScreener
[…] NetApp Cloud Compliance service provides automated controls for data privacy regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privac […]
0
Remote Work Policy Template For Improved Productivity
[…] in the employee handbook, including attendance, code of conduct, confidentiality, PTO, and data privacy and security […]
1
Forensic Services and Integrity Services | EY – India
[…] handling of company data and are supported by dedicated resources from EY General Counsel’s Global Data Privacy team […]
0
odoo12-addon-privacy ·
pypi.org – Today
[…] 0) Released: Feb 19, 2021 Provides data privacy and protection features to comply to regulations, such as GDPR […]
N/A
AI, Blockchain & IoT- A Tech Consortium of the Future
[…] The blockchain identity system often has to comply with data privacy rules, as with traditional centralized systems […] Data privacy is particularly advantageous in the IoT sense […]
6
Crwe World | ING to leave Czech retail banking market by end-2021
crweworld.com – Today
[…] the effects of cyber-attacks and changes in legislation and regulation related to cybersecurity and data privacy, (18) changes in general competitive factors, (19) the inability to protect our intellectua […]
0
Virginia Senate Passes Consumer Privacy Law
[…] bills to watch in 2021: Florida HB 969 (HB569) – On February 15, Governor Ron DeSantis announced a data privacy bill similar to the CCPA […] Takeaway States across the country are contemplating ways to enhance their data privacy and security protections […]
N/A
Creating a Privacy-Aware Data Culture with Alation Data Catalog and BigID | Alation
The technological and regulatory environments are changing rapidly, making governance and data privacy a priority […] Yet, despite the urgency, enterprises struggle to get a handle on data privacy — lacking organizational alignment, the ability to scale from policy to usage, and visibility an […] cataloging and privacy classification, have partnered to bring automation and scale to governing data privacy […]
N/A
Parler Interim CEO Mark Meckler Talks Relaunch, Data Privacy & Building A New Independent Tech Stack | American Thought Leaders
rumble.com – Today
Parler Interim CEO Mark Meckler Talks Relaunch, Data Privacy & Building A New Independent Tech Stack | American Thought Leaders American Thought Leader […]
15
Global Data Alliance Applauds Strong Focus on Data Flows in New EU Trade Strategy | BSA | The Software Alliance
[…] RELATED CONTENT Virtual Event: APEC Data Privacy Subgroup Meeting BSA’s Jared Ragland presents to the delegates of the Asia-Pacific Economi […] Jared Ragland presents to the delegates of the Asia-Pacific Economic Cooperation (APEC) forum’s Data Privacy Subgroup (DPS) during their virtual meeting […]
0
Telecom News | Latest Telecom Industry News, Information and Update: ET Telecom
telecom.economictimes.indiatimes.com – Today
[…] India’s data policy should help export of services, software to grow: IBM Chairman The future of Data Privacy Officers in India Reviews Vivo V20 review: Good mid-range camera smartphone with premium look […]
599
Best VPN for watching the NFL in 2021: How to watch the NFL in the UK
mashable.com – Today
[…] 99/month See Details Data privacy can be an issue with VPNs, especially when they aren’t clear on what they’re doing with you […]
3
Comprehensive State Privacy Laws On The Move, How Should Organizations Evaluate Them? | Jackson Lewis P.C. – JDSupra
[…] Finally, data privacy and security laws increasingly reach third-party service providers to covered organizations eithe […]
0
Virginia Passes Consumer Privacy Law; Other States May Follow | Jackson Lewis P.C. – JDSupra
[…] bills to watch in 2021: Florida HB 969 (HB569) – On February 15, Governor Ron DeSantis announced a data privacy bill similar to the CCPA […] Takeaway States across the country are contemplating ways to enhance their data privacy and security protections […]
N/A
Samsung One UI 3.1 Features: These new changes come to your smartphone »
[…] Remove location data: Privacy of the user is an important factor for the company and with One UI 3 […]
0
Corporate Counsel – Shelton, CT Job at Hubbell in Shelton, Connecticut
[…] corporate compliance issues and regulatory matters, including, without limitation, antitrust, data privacy and sales; Participating in the design and development of corporate policies, procedures, an […]
0
From CSR to ESG: How to Kickstart Your ESG Program in 2021 | NAVEX Global – JDSupra
[…] Social benchmarks address how companies respond to the complex and evolving issues like data privacy, pay equity, health and safety, diversity and inclusion, social justice positions, and employe […]
0
Contact
Thank you for your interest in Teleperformance’s services. An Interaction Expert will contact you shortly. To complete the form, please start by filling out the reason for your contact. Data Privacy Information Please provide your contact information to enable us to send you further information about our services and research.  All information is processed in accordance with our Privacy Policy.
N/A
Global Big Data Conference
[…] This approach is a new take on data privacy and a growing megatrend […]
3
State data privacy laws
An overview of state policies on data privacy, including highlights on landmark privacy laws and recent action on data breach notifications.
1
Cybersecurity in Medical: Cybersecurity Trends
[…] All healthcare organisations should seek ongoing training programmes for data privacy, protection, and cybersecurity […]
N/A
Privitar
To celebrate Data Privacy Day we are delighted to invite you to this in-depth fireside chat featuring renowned privacy leader Michelle Dennedy, co-author of the Privacy Engineer’s Manifesto and former senior data privacy leader at Cisco, McAfee/Intel Security, Oracle and Sun Microsystems. Michelle will draw on her experiences working on complex global data and privacy…
N/A
11th Circuit Says Standing in Data Breach Case Requires Actual Harm | Robinson+Cole Data Privacy + Security Insider – JDSupra
Last week, in Tsao v. Captiva MVP Restaurant Partners, LLC (Captiva), the U.S. Court of Appeals for the 11th Circuit held that data breach claims arising from increased risk of future…
N/A
HOT JOBS & COOL JOBS: ENTRY LEVEL PARALEGAL / LEGAL ASSISTANT / ADMINISTRATIVE ASSISTANT ENGLEWOOD CO USA
[…] The firm has been consistently on the cutting edge of legal developments, and is a leader in the data privacy and cyber security space […]
0
ESOMAR Council Candidates – ESOMAR, the global insights community
[…] GDPR and data privacy is one topic, but another threat is that the GAFA get into an oligopolistic situation i […] 000 clients, brands, MR agencies and 300 Scientific Research Institutions, I know about data privacy and standards in operations […]
N/A
Paytm Money opens F&O trading for all at Rs 10, receives over 1 lakh early access requests
opinionexpress.in – Today
[…] All this and a lot more would be available with absolute data privacy to keep investors’ personal data safe with bank-level security […]
1
Measurementality Series | IEEE SA
standards.ieee.org – Today
[…] goal of our series, “defining what counts in the algorithmic age,” guests will discuss issues like data privacy for children, data agency for all, and how metrics like the United Nations Sustainable Developmen […]
N/A
MyDigital to transform Malaysia digitally by 2030
[…] Muhyiddin also stressed that cybersecurity and data privacy are among the government’s primary focus in realising the country’s vision of digital technology […]
0
Criminal Information Analyst/Investigator | Government Jobs
[…] Maintain confidential data and comply with data privacy requirements […]
0
Whatsapp says new privacy policies not going anywhere
[…] To the extent that users started switching to alternatives that offered data privacy […]
N/A
Covid-19 pandemic gives rise to telehealth services across Gulf
[…] new concept to the local market and, initially, there were some concerns over reliability and data privacy,” said Dr Mohamed AlGassab, operation director at Cura Healthcare, a telemedicine startup in Saud […]
0
Data Privacy Software Market Size, Segmentation, Growth Challenges by Manufacturers – Egnyte, DPOrganizer, Salesforce, CrashPlan, SAI Global, Aptible, Teramind DLP, OneTrust, HPE, Alteryx, DtaGrail, Box Zones, Netwrix Auditor – Atlantic Financial Management
[…] of the current market size, drivers, trends, opportunities, challenges, and key segments of the Data Privacy Software market. Further, the report explains various definitions and classifications of Data Privacy Software industry, applications, and chain structure. Continuing with the data above, the Data Privacy Software report gives different marketing strategies by distributors and major players […]
N/A
HOT JOBS & COOL JOBS: COMPUTER NETWORK ENGINEER OXNARD CA USA
[…] Apply Now>> 2 Staff Data Privacy & Security Engineer Carpinteria, CA, USA D […]
N/A
Our credentials — Corporate
mydex.org – Today
[…] Mydex has worked hard to gain certification and recognition based on stringent data privacy procedures, and continue to work with leading organisations in the field of personal data and ope […]
0
ESG as a Consideration in Vendor Procurement » Citco
citco.com – Today
[…] a history of good governance and experience in maintaining good governance standards data and data privacy practices corporate accountability safeguards such as KYC and AML policies and oversight committees […]
N/A
McGuireWoods Expands Digital Health Team With Partners in Houston and Chicago | McGuireWoods
[…]   Linna represents healthcare providers and healthcare technology companies on M&A, data privacy and security, and regulatory matters […]
N/A
Your Office Is Now Everywhere. Give Your Team The Tools To Succeed – Soliton Systems, Inc.
[…] implementation, and low maintenance guarantees secure data access complies to internal and external data privacy policies […]
N/A
Connected Car Technology: Five Keys for Acceleration | Jabil
[…] Much of this resistance is due to concerns about security and data privacy […]   Automakers Must Respect Data Privacy There are two types of data being gleaned […] While the growing data is an unusual issue for automakers to wrestle with, the industry recognizes data privacy concerns and the need to anonymize all data […]
N/A
Quick guide on radiology image pre-processing for deep learning applications in prostate cancer research
[…] amounts of data, which can be limited in medical imaging applications due to the concerns over data privacy as well as the paucity of annotation (labels) in supervised learning […]
0
Machine Learning & Training Data: Sources, Methods, Things to Keep in Mind
labelyourdata.com – Today
[…] arise: it’s important to ensure that treatment and management of your training data comply with the data privacy regulations and standards […]
0
The Digital Download – Alston & Bird’s Privacy, Cyber & Data Strategy Newsletter – February 2021 | Alston & Bird – JDSupra
[…] begins detailing its regulatory and enforcement priorities, it faces a new challenge on the health data privacy and security front […] Department of Health and Human Services’ (HHS) interpretation of two key data privacy and security regulations, and required the agency to consider penalties assessed against othe […]
N/A
Customers unify hybrid and multicloud IT operations with Azure Arc | Azure Blog and Updates | Microsoft Azure
azure.microsoft.com – Today
[…] However, organizations still need to maintain customer data privacy and in compliance with their data sovereignty regulations […]
22
Expiration Date Tracking Software | Contisoft Technologies LLP
contisofttechno.com – Today
[…] ● RenewalHelp’s robust security feature maintains data privacy and security of the data […]
N/A
The 3 Compliance Aspects For Passive Predictive Monitoring Device Success
[…] Address All Relevant Privacy Requirements Data privacy is top of mind for many consumers […] Regulatory, data privacy, and safety aspects can easily be overlooked during development, but they are key to a successfu […]
N/A
WhatsApp isn’t giving up on new privacy policy, will launch fresh drive to convince users
theprint.in – Today
[…] However, the updates were met with intense backlash by users, who raised concerns about data privacy […]

Why Most Modern Online Fraud Prevention Methods Are Falling Short

1

It was recently reported that new account fraud went up 28% in 2019 compared to 2018 global reports, and more than 100% over 2014 levels. As cybercriminals fine-tune their impersonation efforts, it’s getting more difficult for modern enterprises to distinguish between high-risk and low-risk users — and this will only continue thanks to large-scale data breaches, the evolution of the dark web and the looming threat of identity theft. Unfortunately, traditional authentication methods like passwords, knowledge-based authentication (KBA) and SMS-based two-factor authentication (2FA) can easily be spoofed as the result of the never-ending data breaches that we read about every day.

Just a couple months ago, an unsecured database on the dark web left the personal information of more than 267 million Facebook users, mostly in the U.S., exposed. This type of breach is not only a nightmare for the consumers impacted but also for businesses. When over 190,000 websites are Facebook Login Button customers and almost 40,000 live websites use the Facebook Login Button, a hacker can easily gain access to a multitude of connected accounts by simply having access to a user’s Facebook profile. This particular breach exposed Facebook profiles, as well as email addresses, meaning all fraudsters need to do is look for a consumer’s exposed passwords in a disconnected breach in order to have a good chance at gaining access to their Facebook account and subsequent connected accounts (since 50% of Americans recycle passwords across multiple websites).

Traditional methods like SMS-based 2FA and simple password authentication aren’t the only forms of authentication proving inadequate. Methods like fingerprint scanning have also come up short in recent months, proving hackable with little effort. Digital fingerprints are being sold in the Richlogs Marketplace (dark web) according to a recent report from IntSights. The report reveals that digital fingerprints which include the full fingerprinting of a user’s web browser and computer characteristics, allows an attacker to almost flawlessly impersonate the victim.

It was recently reported that the fingerprint reader on Samsung’s flagship S10 and Note10 smartphones can be spoofed with a $3 screen protector. Unfortunately, this means any person can unlock the device and access its data and any other apps opened by the fingerprint-based biometric security. Smartphone manufacturers have been implementing advanced features for users to secure their devices, using fingerprint readers, face mapping and even sensors that map out the veins in the palm of your hand, but device-centric approaches like fingerprint sensors are inherently problematic.

The biggest issue is that these fingerprint sensors are easily duped and cannot be relied on for commercial authentication use cases, but this approach also suffers from several other limitations. Multiple people can register their fingerprints on the same device, which means it’s unclear which family member was behind a given commercial transaction. Also, if the device is lost or stolen, the ability to recover access to their online accounts is challenging. Finally, device-centric unlocking functionality, such as the Samsung fingerprint scan, is also limited in terms of establishing someone’s actual digital identity for on-device purchases (i.e., users cannot use their fingerprint scans to make purchases from their desktop computer).

For any organization looking for enterprise-grade security, spoof-proof detection and cross-device support, sophisticated face-based authentication is inherently superior to fingerprint-based, SMS-based 2FA and simple password methodologies. Certain cloud-based approaches can leverage the 3D face map of a user’s face to alleviate some of the shortcomings of fingerprint-only authentication methods. Features like certified liveness detection add another layer of protection, rendering the solution practically dupe-proof. These options create a digital chain of trust to a unique user and can be used across devices. This will prove increasingly valuable with the rise of advanced fraud strategies like account takeovers, identity theft and deepfake technologies.

Philipp facilitates Jumio’s product strategy and, with his team, turns visions into products. Prior to Jumio, Philipp was responsible for paysafecard, Europe’s most popular prepaid solution for online purchases.

Source: https://forbes.com

728x90-1-1-1-1

The nature of payments fraud requires real-time solutions designed to detect and prevent fraud before it happens. Learn what is required to thwart fraud and how UP Payments Risk Management solutions can put you in control of managing risk. Learn more: http://www.aciworldwide/paymentsrisk Commerce and banking channels are multiplying and providing consumers more ways to transact than ever before. From physical channels, like credit, debit and pre-paid cards; checks; ATMs and point-of-sale terminals; to digital channels like ACH, wire, internet, telephone, mobile devices and crypto-currencies. Consumers, businesses, merchants and financial institutions all benefit from anytime, anywhere commerce…but…there’s a dark side. Sophisticated fraud threats are multiplying even faster: malware and Trojans; account takeover and identity theft; credit abuse and bust-out scams; ACH and wire fraud; data breaches; money laundering and employee fraud. In fact, a single data breach can compromise tens of millions of account holders in a matter of seconds.
%d bloggers like this: