Data privacy and ATM locator apps

Grace Wilson Marshall

Data security and privacy are the two big concerns in the Internet of Things. The Internet of Things (IoT) can be likened to a “child node” of a “parent node,” in that IoT is an extension of the internet.

IoT is an integration of mobile networks, internet, social networks and intelligent things to provide better services or applications to users. The IoT can connect the digital cyberspace and real physical space, in which the radio-connected intelligent sensors have invaded the physical space, and these are now embedded even in everything from our cellular phones, to our ATMs, to our “toys,” to our office equipment, to our homes.

It is quite evident that these IoT interconnections have introduced all the vulnerabilities of the digital world into our real world. Privacy risks have increased exponentially as objects within the IoT networks collect and aggregate fragments of data that relate to their service. The collation of multiple points of data can swiftly become Personal Identifiable Information (PII) as events are viewed in the context of location, time, recurrence, etc.

Data privacy is only one aspect of the various challenges in the ecosystem of big data, and therefore software developers and AI-hybrid programmers must collaborate with cybersecurity professionals to ensure that they think through the potential privacy risks associated with the development and subsequent release of ATM locator software that customers use to “triangulate” to the nearest ATM (an IoT device), via an internet-enabled computing device, where the Internet of Things interconnect.

New technologies bring new benefits, conveniences and improvements in the quality of life — however, with these advantages comes disadvantages and challenges. The Internet of Things (IoT) produce massive amounts of data, this data must be transmitted, processed in some way, and then potentially stored somewhere (the cloud), hopefully securely. Much of this data is personal data, and some can be quite
sensitive.

This brings data privacy questions to the forefront: How secure is the data that is generated by IoT devices? How can the data owners of ATMs (i.e., banks, customers and app cloud platforms) protect the personal safety and digital privacy of the customers as the data is being generated from these IoT devices? What happens to that data once the ATM location processing is complete? Who can access the
data?

The public received confirmation from Apple, Inc. recently that people (and inevitably their location) have been targeted by spyware — which Apple has called “mercenary spyware” — on their iPhones.

We can deduce that not only “high-profile” individuals are targeted by these kind or malicious software, but criminals can also use these tools to target anyone and/or customers as they search online via ATM locator apps to find ATMs to conduct their financial business. Hence, anywhere that an ATM exists, security challenges compound these IoT devices to now include both personal safety and digital privacy.

IoT security challenges

Prospective consumers, investors and innovators of IoT-centric applications must ponder these germane thoughts — IoT privacy, IoT safety, IoT effectiveness and IoT trustworthiness — with privacy and safety being the two most critical, as Internet of Things extends to everyday items not normally considered computers, allowing them to generate, exchange and consume data with minimal human intervention.

In the book of essays edited by Florence D. Wilson, “Women Securing the Future with TIPPSS for IoT: Trust, Identity, Privacy, Protection, Safety, Security for the Internet of Things,” writer G. Wilson states, “The main security challenges in IoT are ‘child nodes’ challenges of the Information Security triad: Confidentiality, Integrity and Availability (CIA). However, there is nothing ‘childish’ about these IoT security challenges of data privacy, trust and nonrepudiation. It can be argued that IoT security has emboldened the CIA triad with its own set of security challenges, in which each IoT security challenge — privacy, trust and nonrepudiation — is inversely impacted by, and directly related to, a specific leg of the CIA triad.”

Apple, Inc.’s security press release on April 12, 2024, to the public does confirm to customers that their cellular devices, data and real-time location are accessible by criminals and those of ill-refute. Therefore, ATM locator apps development and its usage by customers must lend high priority to personal safety and data privacy, expeditiously.