Yabx is at the forefront of digital lending. We enable formal financial services to the unbanked/under-banked customers by leveraging their digital footprint through mobile data. This is achieved by processing huge amounts of data including Personally Identifiable Information (PII) to identify unique behavioral traits and create a financial identity for the customer.
With data being the most valuable asset; cyber-attacks are getting more targeted and damaging. It is a tempting target for criminal activities such as Identity theft; fraud and social engineering attacks. It goes without saying that companies should protect PII & other customer information. Digital industries are subject to compliance standards, there are crucial legal implications associated with privacy laws. Failure to abide by them leaves companies open to highly targeted cyber security attacks, heavy regulatory fines, and loss of customer trust & loyalty.
Data Privacy & Data Protection: Two sides of the same coin
Let’s take of an example to understand how Data Privacy & Data Security go hand in hand:
When a customer makes a transaction digitally, he is trusting the service provider and payment system with his personal data protection — to make sure, among other things, cyber criminals and other third parties can’t access the information without consent. But the customer also trusts that his right to privacy shall be honored by not misusing the information even though he provided it.
With data being at the heart of our business, Yabx is aware of the opportunities & risks involved. We try to abide by international GDPR guidelines focused on protecting user data and creating transparency to safeguard customer’s interests in data safety as well as privacy.
Few of the best practices Yabx follows are:
- Consent Management: Only if a customer gives consent; his information shall be collected, stored and processed. At any time; the customer has the right to opt-out/request to be forgotten.
- Data Anonymization – PII data is either encrypted/removed to ensure that the identity of the customer remains anonymous.
- Safely handling the transfer of data across borders: SSL Communications the backbone of our secure Internet and it protects sensitive information as it travels across the world’s computer networks.
- Encryption Management- All the personally identifiable information & other important data, be it a password or a bank account number of the customers, are encrypted safeguarding against any possible attacks/identity thefts. The data is encrypted at all times; at rest (when stored) or in transit (transfer).
- Systematic Classification- Customer’s info/data is systematically classified and our log files don’t contain any of the sensitive information like PII, passwords, account numbers, etc.
In recent years; there have been numerous instances of Data Breaches – Equifax, Uber, Facebook’s Cambridge Analytica are few of the major ones which impacted millions of customers. Yabx takes lessons from the mega-breaches and understands that standard security standards should never be ignored and that contingency planning is very critical.
Ensuring Data Protection – Raising the bar of Security Standards & Building Trust
While date safety is of prime importance; we cannot deny the importance of data privacy. Yabx believes that while technological safeguards are extremely critical; trust plays a central role in ensuring data privacy. In a nutshell, we see data protection as securing data against unauthorized access & cyber-attacks; while data privacy as an opportunity to build customer trust.