Google and social networks aren’t the only threats to your online security. As the New York Times reports, your bank and favorite online retailers are tracking everything you do while you use their websites and apps.
Why your banking and shopping isn’t secure or private
Simply put, banks and retailers are tracking how you type, swipe and tap. Although this can help prevent someone from fraudulently accessing your online accounts, it can also reveal your identity without your authorization or awareness.
The way you press, scroll and type on a phone screen or keyboard can be as unique as your fingerprints or facial features. To fight fraud, a growing number of banks and merchants are tracking visitors’ physical movements as they use websites and apps.
Some use the technology only to weed out automated attacks and suspicious transactions, but others are going significantly further, amassing tens of millions of profiles that can identify customers by how they touch, hold and tap their devices.
Of course the threat to your security is that you don’t know what sites are profiling and identifying you without your knowledge. Consequently, you have little or no cues when this type of technology is being maliciously used.
Privacy advocates view the biometric tools as potentially troubling, partly because few companies disclose to users when and how their taps and swipes are being tracked.
“What we have seen across the board with technology is that the more data that’s collected by companies, the more they will try to find uses for that data,” said Jennifer Lynch, a senior lawyer for the Electronic Frontier Foundation. “It’s a very small leap from using this to detect fraud to using this to learn very private information about you.”
The Times’ article continues to provide a simple illustration of how invasive this type, swipe, and tap technolgy is:
Biometric systems can sometimes detect medical conditions. If a customer with a once-steady hand develops a tremor, her automobile insurance company might get worried. That’s potentially a problem if the customer’s bank, which detected the tremor through its security software, is also her insurer.
“This is the kind of data that usually has some kind of consumer protections around it, but here there’s none at all,” said Pam Dixon, the executive director of the World Privacy Forum. “Companies are using these systems with no notice of any kind.”
In most countries, there are no laws governing the collection and use of biometric behavioral data.
Quick Tip: Although behavior biometrics can protect your online accounts, it can also be used by corporations, governments and cybercriminals to monetize and control you.