Privacy by Design for Financial Services Organizations in the GDPR Era

Share this post:

GDPRFinancial services organizations are a critical part of the infrastructure of the world’s economy. Like all companies, they need to win new customers and differentiate with innovative products and services. To do this they rely on customer data to improve financial risk models and generate valuable insights about who their customers are and what they want to buy. However, more than most, financial services organizations are required to maintain high standards of data quality and integrity and to comply with a multitude of regulations, such as Europe’s new General Data Protection Regulation (GDPR). GDPR came into effect in May 2018 and impacts all organizations that offer goods and services to EU citizens. GDPR drives substantial changes in the current model of personal data processing and business-to-business data exchange.

Our research team of data privacy experts at IBM Research in Dublin and Zurich have developed next-generation technologies that help financial services companies manage their data effectively in this era of heightened sensitivity to data privacy and security. They have created an end-to-end privacy framework which understands what data privacy looks like for a modern business. This work has focused on developing state-of-the-art solutions for protecting data using a number of approaches including data tokenization, pseudonymization, PI discovery, risk assessment, masking and anonymization.

IBM Research innovation is also behind the cutting-edge data privacy technology at Trūata, a data anonymization and analytics company founded by Mastercard and IBM. Trūata provides businesses with an award-winning end-to-end solution that includes data hosting, data anonymization and powerful analytics tools to distill safe, secure and valuable insights from anonymized customer data.

IBM Research’s advancements in tokenization, risk assessment and data anonymization help Trūata’s clients unlock powerful insights from their data while ensuring regulatory compliance. Our unique risk assessment framework allows the evaluation of a data protection strategy against individual re-identification, inference and linkability attacks, while providing insights of the enforcement steps that need to be executed.

Trūata is now expanding its operations and opened a new headquarters in Dublin, attended by Arvind Krishna, IBM SVP Cloud and Cognitive Software; Sebastian Krause, General Manager IBM Cloud and Cognitive Software Europe; Paul Farrell, Country General Manager, IBM Ireland and Wendy Belluomini, Director of IBM Research-Ireland.

L-R: Martina Hund-Mejean (Mastercard), Arvind Krishna (IBM) and Felix Marx (Trūata) [Source: Trūata]

With advanced data anonymization and analytics technologies from IBM Research combined with the security of the IBM Cloud, Trūata offers companies a way to extract the maximum value from data without compromising privacy. With changing societal attitudes and increasingly complex regulatory environments, independent anonymization and analysis of data is something that data-driven companies need to consider.

As financial services companies are turning to AI and cloud to advance business opportunities, having this ability to understand, quantify and manage data risk and utility—at scale—is critical to their success. Furthermore, emerging regulations on machine-to-machine data privacy will challenge current assumptions about how machine learning and AI will continue to develop and be deployed for businesses. Future regulations will require new innovations for the creation of AI models under such conditions whereby the transfer of data (and metadata) between systems is much more limited than it is today.

In today’s exploding data economy, the data privacy framework developed at IBM Research can help companies map out and execute a data privacy strategy using a comprehensive workflow structure that is vital when working with large datasets containing sensitive data.

IBM Research-Ireland

Michael Osborne

IBM Research-Zurich

More Security stories

Harnessing Gallium Phosphide for Future Information Technology

In the paper “Integrated gallium phosphide nonlinear photonics”, recently published in the peer-reviewed journal Nature Photonics, we report on the development of high-performance photonic devices made of the crystalline semiconductor gallium phosphide. This work represents a breakthrough in the manipulation of light with semiconductor materials integrated on a chip. It opens the door to a […]

Continue reading

Speculator : A Microscope for Spectre-like Attacks

Ever since the discovery of Spectre and Meltdown at the beginning of 2018, my team at IBM Research – Zurich and I have been focusing very closely on the study of transient execution attacks. Beginning that journey, we quickly realized that in order to study transient execution attacks, we first needed to observe and understand […]

Continue reading

Crypto anchors and blockchain: a strong alliance against supply chain fraud

If you are a wine collector, chances are your vintage bottle doesn’t contain the rare, expensive wine it is supposed to. The same goes with consumers of extra virgin olive oil or expensive brands of whiskey. While counterfeits of luxury goods are a nuisance and can cause sizable economic loss, there are even worse sorts […]

Continue reading