In this article we’ll explore the differences between how traditional financial services and digital wallets like YourOwn treat data and build user's trust. It is an important topic to address with the recent uptick in data breaches:
”In the first eight months of 2023 alone, over 360 million people were victims of corporate and institutional data breaches.”
Although most financial services like banks are regulated to employ security measures that safeguard user data, they often also prioritize business efficiency and profitability. This dual focus can lead to practices that, may not always align with the highest protection of individual user data.
⛔ Some services use shared encryption keys for users' data, akin to having the same password for multiple accounts. This approach, while efficient for the provider, significantly increases risk. If one user's data is breached, it potentially compromises other users’ data. This is a critical vulnerability, as a single breach can lead to widespread data exposure.
⛔ Service providers have the ability to encrypt and decrypt your data, maintaining full control. This centralized control model can be a risk for users, as it places trust entirely in the hands of the provider, without any user oversight.
⛔ Services often monetize user data by selling it to third parties, sometimes without point in time user consent. This practice not only raises privacy concerns but also exposes users to potential data misuse by unknown third parties.
YourOwn completely flips the script to ensure data ownership, security and privacy:
✅ Your wallet automatically generates unique keys from your seed phrase for each set of data (account info, financial documents, personal identity), enhancing security. This method ensures that even if one piece of data is compromised, the rest remain protected. It's akin to having a distinct, strong password for each of your online accounts and the data sets within them.
✅ You are the sole holder of the master key to your data AKA your seed phrase. YourOwn employs asymmetric encryption, meaning YourOwn itself cannot access data in your wallet, except for basic information (like name and email) for necessary communication. This level of privacy puts you in complete control, vastly reducing the risk of unauthorized access.
✅ Your express consent is required for any sharing of personally identifiable data. This policy ensures total control over your data, with the ability to decide exactly when and what information is shared. This approach not only respects user privacy but also empowers users to actively manage their data footprint.
Ultimately, financial services must protect customer data with a multi-layered approach. It includes multi-factor authentication, firewalls, regular security audits, data masking, anti-malware tools, network segmentation, and employee training. Additional measures include secure software development, robust disaster recovery plans, physical security measures, and continuous monitoring and logging. YourOwn’s approach builds on these industry standards by employing distinct encryption keys for users and their data types, ensuring user control over data access, and requiring explicit consent for data sharing.
References -