Skip links

If data’s the new oil and mobile apps are the barrel, where’s the leak?

It’s no secret that the value of data has been seen as a more prized commodity than oil in recent years. With apps such as TikTok being banned due to, as Trump would put it, “national security threats,” it is clear that leaders and governments around the world are beginning to understand the implications of having sensitive data travel across borders. 

But is shaking your butt for the latest TikTok challenge really a threat to your country’s national security? Also, how much value and insight does twerking really provide for tech companies? Let’s dive into it.

For better or for worse, a large portion of the global population willingly participates in social media, uploading trillions of terabytes worth of data online. The reason behind this is simple: social media is a free and easy way to share precious moments with those they love. Yet many do not realize that these activities allow advertisers to profit off their sentimentality by running algorithms that identify your preferences based on their activities and presenting them with the right goods and services. Of course, I’m not implying that this is a good thing or a bad thing – that’s a separate topic altogether. The point is that the algorithms used by platforms such as Facebook and Instagram are simply tools that help users access products or content that is most relevant to them based on their interactions within the platform.

Whenever an app is installed, users are often forced to accept annoying terms and conditions that nobody really reads. But these seemingly innocuous terms and conditions are actually extremely important because these are what allow social media platforms access to the photos, locations, and contacts saved on users’ phones. With apps like TikTok, the three previously-mentioned data are not even the most problematic – imagine all the other personal data these platforms can access including passport images and proof of address from mobile banking apps. Using ubiquitous banking apps, banks are also sitting on a treasure trove of information that can not only be used to steal your money but also to steal your entire identity. 

90% of today’s web traffic is actually API traffic. This means that the vast majority of data traveling across the internet takes place between programs. As with most apps, including those used for banking, APIs are used for communication and is mostly the first point of attack during hacks or data heists. In recent years, banks have been mandated by regulators to not just deliver banking services with integrity, but also act as assistants to financial regulators or cybercrime investigators. This is because regulators generally understand how to allocate tasks but generally lack the knowledge to do so. Of course, the first thing to be scrutinized will be the ‘how’ when actions are taken by the individual companies.

Most of us have accepted that the data we’ve uploaded on our social media platforms will be leaked out there sooner or later. This is exemplified by the lack of attention and media coverage surrounding data breaches which are further undermined by free services offered by Firefox and others that will inform you whether your data is compromised. In other words, we have pretty much given up control over our data and let others (often predatory players) handle them for us.

Many banks have moved away from impenetrable steel safes and concrete walls to digital encryption to keep our data safe, and this has only been more the case following COVID-19. This has meant that the fight for security now takes on a digital form with both cybersecurity firms and hackers trying to upend each other. Information traveling across banking APIs is plentiful, and data such as passport pictures, proof of residency, and even geolocation are shared over these apps.

It is 2020 and access to your personal data is not a matter of if, but rather when. In the case your bank goes bust, your lost monetary value will be covered by the FDIC insurance; this, however, does not apply if your app gets hacked. So should the focus lie on nailing the latest dance challenge or will matters have to get worse before something is done to secure our data?

The best cure is prevention.

Leave a comment