Solving the privacy challenge

  • By Phil Kernick, CEO of CQR Consulting

Australian individuals have a new way to transfer money between each other. However, as well as offering clear benefits, the system is also raising some major privacy concerns.

Launched in February, the New Payments Platform (NPP) allows people to transfer funds from their bank account to the account of another person almost instantly.

This compares with traditional inter-bank transfers that routinely take days.

These frustrating delays have been due to the reliance by Australian banks on a batch processing system to manage payments made between them.

While payments between accounts in a single bank can take place instantly, payments to others are handled in overnight batches.

The NPP changes this payment system completely with funds able to move between accounts in almost real time.

Payments and privacy

The NPP uses an addressing system called PayID.

This allows users to change from using BSB and account numbers to instead using a personal identifier such as an email address or mobile phone number.

The logic is that this will make it much easier for people to make and receive payments.

Concerningly, however, many people don’t realise such personal identifiers reveal the name of the account into which the money is being transferred.

This could well be someone’s full legal name which they don’t usually reveal to others.

As a result, someone making a payment can go from having just a mobile number to knowing the full name of the person owning that number – just by making a small payment via the NPP.

It appears the NPP has been designed to solve the functional problem of delayed payment transfers without sufficient consideration being given to the wider privacy implications.

This is of particular concern when you consider the service in the context of Australia’s new Notifiable Data Breach regulations.

Data harvesting

When you start thinking about the opportunities for data harvesting, the situation becomes even more alarming.

For example, an interested company could send a very small amount of money to every mobile phone number in Australia. It would then receive details of the bank account - and potentially the full name - of every person who owns a mobile phone.

A database created in this way could prove very valuable for direct marketing and other activities.

Using the same process, a company could send a small payment to every email address they hold in their marketing database.

If an address has been associated with the NPP, back will come the name of the related bank account.

Solving the privacy challenge

Anyone concerned about the potential for personally identifiable data being made available to third parties can simply choose not to register for the NPP.

Alternatively, they could use an email address created solely for the purpose of NPP transactions.

Then, by linking this email address to a single bank account that doesn’t use their full name, the risk of personally identifiable data being collected by third parties is significantly reduced.

This situation could also be fixed by allowing accounts to be represented by aliases.

The NPP is now fully operational and so fundamental features such as identity controls are likely to be challenging to change.

However, this may well become necessary if notifiable data breaches start to occur as a result of its use. Watch this space.