In the last few months, privacy has been the focus of many discussions, following huge data breaches that made headline news the world over.
Some examples of the latest data breaches:
- Heartbleed Bug: an estimated 500,000 of the Internet’s secure web servers certified by trusted authorities were believed to be vulnerable to the attack when the flaw was discovered. This leaves the door open for theft of the servers’ private login data as well as users’ session cookies and passwords. For the mobile world, Android systems running 4.1.1 and Jelly Bean are still said to be affected.
- Coca-Cola: a former employee stole 55 laptops containing unencrypted personal information on about 74,000 people.
- Snapchat: a security gap in January resulted in the phone numbers and usernames of up to 4.6 million accounts being downloaded by a website called SnapchatDB.info.
- Target: data breach of personal data, credit card data and encrypted PIN numbers from debit cards from more than 70 million consumers.
- Adobe: nearly three million customer credit card records and login data for an undetermined number of Adobe user accounts were impacted by an attack.
- NSA: the U.S. suffered what is regarded as one of the worst leaks of classified material in its history. Booz Allen Hamilton IT contractor and infrastructure analyst Edward Snowden had access to classified materials and leaked them to media outlets.
Data breach consequences:
- According to the IBM Global Study on the Economic Impact of IT Risk, conducted by the Ponemon Institute: “Lost revenues, downtime and the cost of restoring systems can accrue at the rate of $50,000 per minute for a minor disruption.”
- According to The economics of IT risk and reputation: What business continuity and IT security really mean to your organization (September 2013), the “Estimated Reputation-Related Costs resulting from disruption to business or its operations over the next 24 months” are:
  - Minor: $20,929
  - Moderate: $468,309
  - Substantial: $5,274,523
Apart from the financial implications of the above data breaches, one far-reaching consequence is that users are now becoming much more aware of the possible dangers of allowing their data to be accessed indiscriminately. Reluctance to allow access to their data will become a major concern for developers who need it to have a properly functioning app. However, steps can and must be taken to avoid a situation where users do not share any of their data for fear of misuse.
Below is our recommendation on what you should do to establish a relationship based on trust and provide a setting where your users feel comfortable sharing their data.
It is important to understand privacy and put in place appropriate legal and security measures. Understanding privacy matters linked to mobile application solutions will play in your favour and help you retain your customers.
By tackling privacy from the outset of the development of your app, you will gain customers’ trust more rapidly. We recommend that you give your users the choice of whether or not to share their personal data, and that you explain the reasons for which the data is being collected.
Users should also be able to go back and change the permission status easily. The idea is not to overload users with pop-up notifications at each step of the process, but rather to let them control their privacy without unnecessary complications. A great way to do so is to add a wizard that guides them when they first use the app and provides a demo on how to manage their data.
Moreover, by carrying out audits of your current application on a regular basis, you will gain your current users’ trust. The impact of the latest breaches of personal data is raising awareness amongst customers, who are becoming more demanding with regard to their privacy settings. We recommend that you lead proactively and adhere to the latest industry recommendations by adjusting your user journey accordingly.