Banks and Retailers Are Tracking How You Type, Swipe and Tap

There are far more "bad actors" out there trying, and succeeding, in stealing personal info from all of us - financial and otherwise. If the good guys want to find ways to protect me from that, then so be it... There are some comments here about notification that this practice is part of your account, and having to agree or acknowledge that, but would not agreeing then limit the liability of the bank or company if fraud did occur? The days of just checking the little Agree box without reading may be over.

Improving security plus monetizing your personal data. Ain’t America great!

This is innovative way of fraud prevention. However, as the article points out, there are privacy concerns. If the motive is purely fraud prevention, why not make it something the user opts into upon activation? With an agreement to only use this for security purposes? When volunteers agree to a scientific experiment, their agreement details exactly what cases three data from the experiment can be used. If someone wants to use for an additional purpose, they have to get the participant to re-agree or simply collect among a new group that agrees to the new purpose. If the banks are collecting such personal information for security purposes, they should have similar agreement with their users. Some that would agree to have the data collected for security would never agree to have that same data used to determine their health. But more importantly, users should have been alerted about this data collection to begin with, and provided an avenue for opting out. Finally, the technology sounds impressive, but I wonder just how well it accounts for individual variance. Something as simple as a new computer setup or phone system could result in different behaviors, not because there's a new person, but because the person is unfamiliar with their new system.

Hopefully someone will develop an app or program that detects, identifies, and destroys the ability to collect such data on any of our devices.

I think this is a wonderfully innovative idea. Tracking finger movements on a phone is similar to tracking the gait of a person’s walk: Both are unique and hard to mimic. And unlike other forms of personal data (contacts, location logs, browser history, personal interests) that are invasive and perverse to collect, finger movements carry no privacy concerns.

In times past, we used to believe that we shaped our tools, and then they shaped us. Nowadays it appears that we are the tools and we're being used - just as the purchasing consumer has been transformed into a product being bought and sold. Our right to privacy -in all its forms- needs to be protected.

I guess with this sort of tool, as with any tool, it's neither good nor bad. Its goodness or badness is not inherent. Rather, it depends on how society uses it. If it makes online banking easier AND safer, who wouldn't be for it? If it becomes another way for companies to collect and sell your data without you even being aware, who would be for it?

This has assets and liabilities, as much of life does. In some ways identities will be safer yet in other ways individuals could be more exposed. In the age of deregulation as individuals become fodder for ways to be "useful" to corporations and the speed of Congress to do much of anything I have little faith that this concept will attract attention in DC. Sorry for the cynicism but it seems to be the attitude now from forced arbitration to fiduciary responsibility of brokers or financial advisors. Buckle up and take care of yourself as this is the USA?

Let's just give to whoever wants it, also our retina/palm scans, SS# and DNA then call it a day.

We don’t get compensated for being the commodified user, AND as this article shows, we’re not even told how we are being commodified. Similar to the dynamics with social media giants, at some point this insidious model of monetizing our phone use and online presence (often in shady ways!) will need to change.

This is nothing new. As a User Experience Designer, we’ve been using information about users on websites and apps for years. The difference, is how and why we use that data; we gather it to create better, more pointed experiences for the majority of our users. This use of the technology is great, but needs to be checked, encrypted and/or automated with AI or something along those lines. If only our government could catch up with the times.

Most reactions will be devoted to the real dangers of this sort of enterprise when it yields accurate information. Less attention will be given to the likelihood that it does not. Such measurement techniques require extensive and lengthy testing and validation if they are to be developed properly. From the accounts, this is not happening with these privately conducted programs. Furthermore, they are proprietary and hence conducted in secret. Robust and reputable methods are never developed in this way. The consequences for the targets can be serious. These may well be the outcome of an exercise in voodoo, and how is the public to know?

Yeah, I'm sure that all they want to do is "protect" me from fraud. I've got a bridge...

Why would the default be "yes, use my data and information any way you want" instead of "no, you need my permission to use any of my data and you do not have it"!!!!

"...Lots of big companies are using it.” In the interest of full disclosure: Including the New York Times and other media companies... ?

I was shocked to the core yesterday when I went to draw money from my credit union bank account at a "participating" credit union's ATM and the message came up, "You are on You Tube". What? I do not use social media and have asked my friends and family not to post my photo because I want as much privacy as possible. Now a credit union has given permission to You Tube to put me in their system? They must be too cheap to use private security to manage their ATMS and google made them an offer they "couldn't refuse"? I am on vacation right now but when I get back they are going to hear from me. I might even "Get Jesse" on KIRO 7 television. This may be legal but it is Socially Irresponsible. I want my privacy back.

Banks innovating to maintain the integrity of our accounts should absolutely be encouraged. Yes, there are privacy concerns that will be addressed once the algos mature. Yes, the data is always hackable; but in balance - the many benefits outweigh the few risks.

So these companies are performing experiments on us, spying on us and monitoring us without our consent... to the extent that we cannot tell if a problem we detect is a system glitch or an unannounced test of our biometrics. How is this different than playing with our minds?

This is yet another reason why I don't use phone apps for any significant interaction. I'll read news sites, but I sure won't use any banking or credit card apps on my phone. I don't mind them tracking my computer use, since I also don't do much of anything (except perhaps on my bank's website) other than order stuff from Amazon or other retail sites. Nothing critical there. But phones? No way.

This sounds like a great use of technology. More troubling are the difficult decisions on how long to store this information, who is can be shared with or sold to, and who it can be seen by or released to, and limits on government access to it. The days when a business could simply monetize a consumer's personal data are happily coming to an end thanks to reasonable regulation. It doesn't require a sacrifice of privacy for consumers to be given complete control over their information, but it cannot be accomplished by existing models in which customers are simply notified as to how limited their privacy options are.

Banks are always on the cutting edge of fraud detection technology because they are liable for any fraudulent transactions. If they let someone steal your money they have to reimburse you. They are highly motivated. Contrast the credit reporting agencies such as Equifax, who hold much more comprehensive information about all of us, without our consent or even knowledge, and who have no liability for the consequences of security breaches. They are also motivated: to spend and do as little as necessary. But we need less regulation and legal protections, right GOP?

I guess the geniuses behind this haven't figured out that every time I change my password (to something long & non-memorable), *I* might have to cut & paste my own password to log on to a website!

The fact that this is all unregulated is deeply disturbing. Why is the industry allowed to write their own rules?

It seems to me that it's only a matter of time before someone writes software that uses a person's "behavioral biometrics" to mimic that person's use of web sites. And it's already been pretty well proved that no data system is completely safe from hacking. So what looks today like a great new set of security measures for banks to protect their customers' money will very soon turn out to be the opposite: a compilation of the electronic keys to customers' accounts. politicsbyeccehomo.wordpress.com

My car keeps track of how I swipe the door to unlock it. Great most of the time but when I broke my right wrist it wasn’t so great. I prefer two factor authentication.

An interesting side note: this is bad news for advertisers -- unless they are somehow ahead of the game themselves. If companies can see how the user interacts with their site - they could also see how s/he interacts with ads -- and how counterproductive much advertising is. Also how does this related to the sticky popups - I remove applications that have been inserted constantly - and other intrusions that seem to come with frequent use of online sites? I KNOW the forces out there can outsmart me - will privacy protections keep pace?

Understandable, but what insurance do we have that sensitive information won't fall in criminal hands? Short of hiding in a cave, detached from all electronics, what are we to do, privacy be damned?

Why anyone would trust the keys to one's financial kingdom on a device that's so easily lost, stolen, and hacked is beyond me.

A private bank would call to confirm any transfer, especially anew one for 7 figures.... don’t need bio metrics to replace sound banking and financial checks and balances already in place at most banks. “Someone was trying to set up a new payee and transfer a seven-figure sum,” he said. “We were able to intervene in real time and stop that from happening.”