Rising crime and data theft in the wake of emerging technologies

Rising crime and data theft in the wake of emerging technologies

As you read through this script an AI-enabled scanner is tracing your eye pattern. It will record how quickly you breeze through this piece of content. The extracted information might be used for analysing your online reading behaviour such as speed and sections of interest. 

(Don’t be alarmed. Keep reading further. This was just a hypothetical and fairly simple example on how consumer data is being used by businesses, for business).

I am not tracking you through this post. But I speak only for myself.

Heat maps have been used for a very long time now to identify how users browse through online content. Pattern studies conducted using this technology largely establish that readers browse through online content in F-shape.

Businesses use this information to optimise their onsite messaging accordingly. As a result, they are able to provide content exactly in the format in which the consumer likes to browse. The pattern works really well particularly for text-heavy websites, making online browsing quick and easy.

Resonating positively with what the consumer wants and desires has become a top priority for every business. In this pursuit, businesses will go to any extent to extract information about their consumers, attempting to know them as closely as possible. Sometimes, this could turn out to be downright creepy for people like you and me.

We are being watched every single second of the day. Our worlds are locked up inside a device that opens only with our unique fingerprints. Are we safe with our information out in the open, stored with data-driven companies? Clever technology has trapped us.

How exposed are you in the World Wide Web

Technology all around you is weaving an inescapable web world-wide. Ordered protein shake for lunch? The next thing you notice, is that your Zomato app flashes a list of high protein foods you could order.

Just checked out Sephora’s latest makeup video on Instagram? The next time you login you’ll have many more sponsored posts waiting for you to click them open.

Top this up with the expectations of an omnichannel world. Businesses are making use of data collected from micro moments to spin a seamless shopping experience. So, if you can’t locate an item while shopping inside the store your app will guide you to the right counter. 

Amazing, right? Easy peasy. Next time, the app will make good use of this data to inform you when the item you just purchased is up for a refill. Good for you, right? Just reorder it with an OTP and the saved card details that autofill as soon as you hit checkout. Easy life is a good life. Until one day you get phished.

By the way, did you know:

OTP theft is more a privacy matter than a technological one. Perpetrators often gain the victim’s trust by dropping a name for reference, which would make the victim trust them. And finding information about the victim’s bank is also easy.” – Source: Economic Times.

 Cybercrime is growing rapidly not just in volume but also in complexity. Look at this identity theft and fraud report for 2015 till 2018. As per Federal Trade Commission, the average amount that consumers paid in these cases of fraud and theft was $375.

cyber crime statistics

If you consider the fraud category cases, imposter scams were the most reported and ranked first among the top 10 fraud categories identified by the FTC. They accounted for $488 million in losses. In 2018, 15 percent of all complaints were related to identity theft.

Needless to say, where businesses are using your information to pave better experiences, impostors and cybercriminals are stealing that same information for malicious acts. Where businesses are using superior technology and data storage platforms, cybercriminals are cutting sharp through the security walls using even smarter machines, codes, and data vulnerabilities.

The other side of the emerging technology coin is ugly. It is the breeding ground for sophisticated crime that feeds on sensitive consumer information. What all is at stake? Let’s read through.

Emerging technology and its ugly side – Your data is in jeopardy

There’s simply no escape from our dependence on technology. There’s in fact no growth without it. Unfortunately, the causal conjunction between data-driven innovation and data-driven infractions is tough to break.

It’s just so easy for companies to tap into consumer data, and it’s being used so beautifully well that hardly anyone would object. I wouldn’t have, until something really startling happened and got me thinking. I had read quite a few stories around the subject but never completely believed.

I still don’t quite understand how a Facebook advertisement could show me the exact product that I was bargaining and street shopping for. Is wiretapping for real? I still have my questions, but this is beyond mere coincidence.

Facebook wiretapping into your phones and related consumer privacy as well as data concerns is a much debated topic today.

As per CNBC’s report, “Josh Hawley of Missouri introduced a bill Tuesday to require the largest social media platforms to give users a way to easily move their data to another service.

The proposed ACCESS Act would apply to platforms with products or services with over 100 million monthly active users in the United States. In addition to Facebook’s core platform, the legislation would also hit two of its key products, Facebook Messenger and Instagram. Google’s YouTube would hit the threshold as well.”

Wiretapping aside, there are far more alarming ways in which your data can be misused, in a blink of an eye.

The most advanced of tech arsenal that was created to secure your identity and enrich your online experience with brands has become the rookery for data theft and identity crimes. I unfold a small part of a huge risk prone glute, for you, with the following examples.

IRIS scan for identity verification

It’s no groundbreaking discovery that our eye pupils form unique patterns that are determined genetically when we’re in the womb but not fully formed until we’re aged about two. However, it wasn’t until recently that technology tapped into this discovery to birth the innovation that the world knows as IRIS scan biometrics.

Iris scan technology

On the surface, IRIS biometrics is one of the most advanced ways (and largely assumed to be a highly secure) method of identity verification. From your phones to your smart homes to airport checks to your banks – everything uses biometrics.

They can identify you as the exact person you claim to be without any documents. All they need is a quick eye scan. Or, maybe a thumb scan. Or, even just a voice command. There’s absolutely no risk of anyone other than you maybe using your passport for traveling. Only you can open and access your bank locker with your thumb or eye scan. Kidding!

Here’s a reality check

A German hacking collective called the Chaos Computer Club, the same guys who also smashed through the tight security of iPhone’s fingerprint sensor, fooled Samsung’s iris scanner. And they didn’t need anything sophisticated like codes or cryptic language for this. All they used was Facebook photographs and a contact lens. You can gorge on the entire story around this here on The Guardian.

Although the latest IRIS scanning technology tries to alleviate such malicious activities where only a photograph is enough to breach individual identity, criminals can easily get around even with these newer technologies. They could, for example, use slow motion video editing from your online videos updated on TikTok – something that almost everyone is crazily using nowadays.

Facial recognition for authorised access

Workplaces are switching to smarter, newer means of employee identification, verification, and authorization. Because the data that workplaces withhold is extremely sensitive, and a competitive resource of sorts, they cannot afford to lose it to the outside world.

Customers’ personal information at the hands of thieves and third parties can be dangerous. That’s why, today, at workplaces employees are being encouraged to use facial recognition. A simple, two second scan of their facial features, authorizes you to enter the office building, login to the most secure of systems, and access highly sensitive data and information.

Research states that the Facial Recognition market is booming. As published on marketsandmarkets.com, the global facial recognition market is expected to grow from USD 3.2 billion in 2019 to USD 7.0 billion by 2024, at a Compound Annual Growth Rate (CAGR) of 16.6% during the time period.

Heavy investments in facial recognition technology are being made relying on the increasing users and data security initiatives, increase in the usage of mobile devices (for which facial recognition equates to ease of login into the device or app), and a few other factors concerned with growing demand for secure identification and access.

That said, facial recognition is nowhere close to being a safe world. In fact, compared to traditional fingerprinting based biometrics facial recognition is rather more acute and far more dangerous when at the hands of cyber criminals.

If someone has your fingerprints, they have only has that much information about you. If someone has access to your facial records, they have your face to identify your name, your address, your social networking account, your social security number, and whatnot!

Another major problem with facial recognition technology is the lack of federation regulations to keep threats in check.

An article published on Wired reveals that even though the UK police are increasingly adopting facial recognition in tracing criminals, the laws around the use of such technology is unclear. As per guidelines given in the Privacy Principles of Facial Recognition, consent is key to using someone’s facial features for identity verification. 

If a person isn’t comfortable letting their face or photos being traced or analyzed, they can outright deny to do so.

Borrowing from the Wired’s story:

“For police officers positioned next to an inconspicuous blue van, just metres from Romford’s Overground station, one man stood out among the thin winter crowds. The man, wearing a beige jacket and blue cap, had pulled his jacket over his face as he moved in the direction of the police officers. The reason for his camouflage? To avoid facial recognition technology that had been equipped to the blue van surveying the street around it. Disgruntled Metropolitan Police officers pulled the unnamed man aside to question him. “If I want to cover me face, I’ll cover me face,” he said.”

How do you use an intelligent technology, then, when the laws and principles around you limit you to do so. And, then, you can’t totally give complete freedom for its usage also. For the consequences of doing so are just as hard hitting.

For example, is there really a need to use facial recognition technology in job interviews? Most of us might think that machines can do most of our work better. But isn’t it super silly to leave it to analyze human behavior and screen their traits?

Trained AI facial recognition algorithms pick up on common patterns in the data to formulate certain biases. For example, the may associate smiles with empathy, voice pitch patterns as confidence, etc. However, human behavior is highly unpredictable.

Can you imagine leaving interview screening to machine intelligence? It could be highly damaging and discriminating against people. Do we have any principles or controls for this? If we don’t anyone can lose their job if an AI doesn’t like their face or voice.

Augmented, virtual reality, and IoT for improved experience

In the age of the internet of things, virtual and augmented reality, online experiences have become extremely satiating. We can now look up products online without having to type in any keywords in the search bar. All that we need to do is point our cameras to the object that we want to look up online, and we’ll be displayed related search options in a minute. So, if you wish to re-order salt of a certain brand you can point the camera to the salt pack and get search results in milliseconds.

Similarly, if we want to see the plan of the floor or the house that we want to purchase, there’s absolutely no need to physically go and check it out. A virtual tour of the plan will give you the exact look and feel of the property. Of course, it won’t give you complete insight on the material quality being used. That’s why limiting VR for this purpose to only the initial stages of purchase is recommended.

The wonders of VR and AR are unlimited. A future where you can have a VR set permanently glued to your head is almost here. Be it something as simple as Google cardboards or a complex system like smart cities, VR has come of age and reached an extremely ripe age. However, unless there is a good monitoring and security system around IoT, VR, and AR, the technology won’t really be ‘wise’.

Take a look at the following screenshot that I’ve taken from SEMrush, for the keyword ‘VR’. The most searched key phrase around VR is VR Porn.

Fun fact: I’d read this somewhere that VR porn is the most searched terms related to VR. So, I cross confirmed this, and found out that this is actually true. The search volume for VR porn is around 450000!

While the VR adult industry is surely booming so is the lurking threat for sextorsion. Things get risky when you watch VR adult content on a device that’s infected with spyware. Malicious elements can extract information about the kind of content you watch online and loop you into a vicious circle.

Because regulations around VR adult content or adult content online are really hazy, just be careful and not to click on any ads or suspicious pop ups or links on social media channels or websites. Or, your information and identity can easily get stolen.

Let’s also talk about smart cities that run on complete data connectivity and aggregated data that’s used in real-time, as an IoT use case.  Such intelligent and smart data has been used in smart cities for a number of things like monitor the most popular parking to analyzing traffic to adjust street lighting to supervise crowded markets ,etc.

These smart cities can also gathering real-time data that does focus on individuals.

Back in 2013, Renew London used sensors installed in recycling bins to track the wifi signals from passing phones. These sensors used the devices’ media access control (MAC) address send out target advertisements to people, based on their movement within the sensor network. So, if you walked past a nearby restaurant, you might see more ads for that particular restaurant. Surprisingly, unlike most websites, Renew London was not legally required to disclose to citizens that their data is being tracked. However, after the matter was met with outrage ensued, Renew had to withdraw the program.

When all your data is so easily accessible to an entity, you really have no way to gauge it from being stolen. That’s the real concern. Laws and practices that need to play the protectors stand weak. Just because voice assistants are so easy and convenient to us, should we be compromising privacy and security? In the absence of properly established and documented laws around them, data privacy and security concerns haunt smart cities.

Smart city residents have little know how and control over what data is being collected and how it’s being used. They have almost no participation in deciding whether and to whom it can be being sold, or about what will be done with it in the future? The line between use and abuse is blur.

What the future holds

It’s hard to imagine a world without all the technological advancements that have been made today. Be it biometrics, VR, AR, or the Internet of Things, each innovation comes with hard to ignore advantages.

People simply love how Netflix can suggest absolutely correctly which series they’d love to watch next. Isn’t it absolutely lovely how technology can help people keep a tab on their ‘to buy’ list and order just in time when their stock is about to finish. On similar lines, IoT can track whether you are out of cooking fuel and send replenishment in time, rather than having to wait for an entire day or more?

Do privacy concerns overshadow these unlimited benefits or is the world simply going to move on sidelining the risks? Technology has arrived a bit too early, I guess. The times ahead are getting intense and interesting.

Share with Your Network or over Email

Leave a Reply