Data Security in a Digitalized World
In 2013, public record aggregating company Court Ventures (now a subsidiary of Experian) faced a serious problem: someone had breached their cyber security measures, accessing over 200 million American social security numbers. This breach had significant implications for millions of people – with their social security numbers accessible to criminals on the dark web, they were vulnerable to personal attack and identity fraud. This is just one example of many security breaches across many different platforms over the past decade, each one creating a serious threat for consumers whose information had been accessed.
In a world where personal information is increasingly shared online, the need for security is crucial. While the Court Ventures debacle involved highly sensitive data about a person – i.e. their social security number – other security breaches have also posed a threat to millions of people in just as serious of ways.
According to the Information Commissioner’s Office (a UK authority that promotes data privacy for individuals), personal data is “any information that relates to an identified or identifiable individual.” Personal data obviously includes things like social security numbers and credit card numbers; but it’s actually much broader than that. It could be part of a name, or any number related to a person; or it could be a physical address, or an IP address, or cookie identifier. Literally any information that can relate back to a specific person is considered to be personal data.
These days, essentially every living person has a significant amount of personal data scattered around the internet. Whether because of online banking or online shopping, information most likely exists that can be traced back to specifically you. You may care a lot about that reality, or you may not – either way, it’s going to become increasingly important to be able to keep personal data secure in a highly digitalized world.
What is Data Security?
Because relevant and accurate data is extremely valuable in today’s commerce-driven world, keeping that data safe is a priority. IBM describes data security as “the practice of protecting digital information from unauthorized access, corruption, or theft throughout its entire lifecycle.” These measures are taken to not only protect data from cybercriminal activity but also to help prevent insider threats or even prevent human errors from being made.
There are several different ways commonly used to keep digital data secure, including things like encryption (which basically scrambles information into a code that only authorized people can read), being able to erase or overwrite data, and masking personal information that could be traced back to an individual. These methods help keep personal data safe from external and internal threats.
Security is vital for the storage of personal data within a specific entity; however, it may be even more crucial in the process of sharing data. People want the ability to easily share their data with different platforms and applications, but anytime data is shared between entities, it becomes vulnerable – hence why security within data sharing is so important.
Out With the Old, In With the New
The old way of keeping data secure when sharing it between platforms involved using actual usernames and passwords of the people involved. The only way personal information could be shared to other programs was to share the related personal information. Open banking, however, has provided a new way to share sensitive information, and this is the process Pentadata follows when connecting applications with users. In open banking, the consumer always must first grant permission to share their data with any third party. When that permission is granted, instead of financial institutions sharing actual online account information, they send Pentadata a token for each consumer, which essentially exchanges that person’s sensitive data with a non-sensitive equivalent. The token is exchanged in an encrypted way (scrambling the information so that only the intended recipient can access it) and then stored in a secure infrastructure, compliant with industry standards. For instance, Pentadata is SOC 2 – Type 2 compliant.
The new way of sharing data through open banking is undeniably a more secure way to share personal information between different entities. First, it doesn’t involve sharing any usernames or passwords, which is important since many people use the same or similar login info across different platforms. To share information pertaining to one platform ends up putting other accounts using the same information at risk. Second, the tokens are not duplicated across multiple platforms. Each time data is shared with a new application or program, a new token is sent, making it more difficult for the scrambled information to be accessed by outsiders since there aren’t repeat tokens. Third, consumers always have the option to change their mind about sharing data with a specific platform and can opt out anytime. When this happens, the token associated with them is invalidated. Lastly, the bank or financial institution can also revoke access at any time, if they have reason to believe that the information has been wrongly shared.
Open banking provides additional security benefits to consumers as well. These benefits include being able to see through your online banking portal exactly which apps have been granted access to your information.
On that page, consumers can also revoke access at any time in a very simple, straightforward process. All it takes is a few clicks.
Pentadata’s Commitment to Security
We believe that consumers have a right to keep their personal information private and protected. Pentadata’s open banking methods and APIs are designed to be as secure as possible, and we’re continually working to stay up on best practices in this arena. We’re committed to protecting personal data that consumers choose to share across different platforms.
We know that security is important not only to consumers; it also matters to the companies they work with. In order to succeed, an application or program must have the ability to keep their customer’s information safe. When you partner with us, we can guarantee the consumer information you need will come to you with the highest measures of security in place.
If you’re interested in finding out more about how Pentadata can help you with data security, contact us today.