Different Markets and GDPR
Financial and payment products are naturally very different in different economic markets, cultures, and governing regions throughout the world. While these guidelines have predominantly been tested and researched using American participants, they do note some possible differences in product localization. The most notable difference is the EU's sweeping data privacy legislation enacted in spring 2018.
GDPR is possibly the most restrictive data privacy legislation globally and certainly has required a large effort on all technology companies to change their policies regarding data collection, storage, and policy communication. As Continuous Authentication relies on tracking various data points to identify and authenticate users, the amount collected and timeframe it can be stored in will critically affect the robustness of the system.
01.GDPR is an asset to a Continuous Authentication System
Users always want to feel in control, especially with new technologies and paradigms. This builds trust, which is essential for adoption of Continuous Authentication. For these reasons, GDPR is an asset to Continuous Authentication, since how it is presented to customers will, by necessity, need to be geared towards their comprehension of the value and getting explicit consent.Check out related topics:
User Control, Consent & Autonomy
02.GDPR is a challenge for a Continuous Authentication System
GDPR makes it very apparent what kinds and how much data will be collected from people in a Continuous Authentication system. For this reason, communication is critical, since users need to get why that volume of data collection is necessary, and buy into the fact that MC is helping them be more secure. Without a strong first exposure, and careful content design, adoption may falter.Check out related topics: