Facebook & Cambridge Analytica Scandal: Protecting user privacy data from improper access - XTN Cognitive Security

Milan, March 23th

Everyone’s digital identity is made of lots of behaviour, contextual, preference and opinion-based data that we produce day by day in our interaction with modern technology platforms. These data are very often privacy impacting regarding our behaviour in shopping, religious, political or ethical preferences, family and friend entourage, geographical and social collocation. Much more often we are assisting in very scaring news reporting how our personal information is used or abused outside the original scope of their collection. Cases like Facebook (Cambridge Analytica affair) of data breaches like Equifax (2017) or Yahoo (2013) are concerning public opinion and governments and are showing to the entire world how devastating impacts these events could have when data goes to the wrong hands: political, market manipulation to name just a few. In a matter of fact, very few Providers cares about final user’s privacy while processing their data. A lot of useful information for user profiling is also collected through malware designed specifically for this purpose and today there is still no sensitivity, even from those who develop the app, to “protect it” and “control it” in order to avoid these situations.

 

Approach

What we do at XTN® is to consider as a top priority protecting the privacy of your digital users. For this reason we have designed mobile app focused solutions to help our customers to protect their digital users with high security standards and maximum service flexibility, in particular to protect users from: the presence of malware or trojan installed apps that could exfiltrate privacy data from the device as SMS messages, contacts or to impersonate a legitimate app (banking, social, email, gov), detect dangerous context where privacy impacting information should not be saved or accessed.

As a general rule we decided to collect the minimum information needed for the risk evaluation and keep them for the strict amount of time needed to provide the service.

(P.P. 2018)