The Importance of Trust: Why Responsible Data Use is Crucial for Financial Institutions
In today's fast-paced digital world, data is the new currency. Developing modern, fit-for-purpose products and services increasingly relies on data to not only drive market fit and product strategy but also increasingly tap into artificial intelligence to keep up with consumer demand.
However, data collection and use includes one crucial caveat: the need for trust. Maintaining the trust of consumers, regulators, clients, and other stakeholders in data gathering is paramount for companies like Visa. Without sufficient sources of quality consumer-permissioned data, organizations are likely to have a competitive disadvantage compared to those who capture it in a sustainable and responsible manner.
Consumer trust in data sharing is quickly eroding. The proliferation of data breaches, cybercrimes, identity theft, and data mismanagement are amplifying consumers’ concerns and leading to less participation in the digital economy.
Rigorous systems and processes can help prevent some of the damaging situations resulting from these events, but building consumer trust in the efficacy of these systems is just as important. Consumer trust cannot be taken for granted; it must be consistently earned and maintained over time. Consumers need to feel confident that their data is being handled responsibly and securely by financial institutions. Without trust, consumers may be hesitant to share their data and participate in the digital economy, which can limit the market reach and economic potential of companies bringing innovative digital products and services to market.
Regulation and Policy is Transforming How Data is Used
Various forms of regulation and policy are changing the way companies gather and manage data. Privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), aim to protect the privacy and rights of consumers by governing how their data is collected, stored, and used by companies.
From a policy perspective, simply keeping up with the pace of technological change can be challenging. But governments must find ways to encourage innovation while also protecting consumers and advancing inclusive economic policies. This is easier said than done; as a result, the regulatory environment can often lag behind market developments (World Economic Forum, 2018). To add to the complexity, policymakers’ motivations for regulatory intervention can differ across jurisdictions. According to the Institute of International Finance (IIF), governments intervene for a variety of reasons, including in support of law enforcement and privacy protection.1
Meanwhile, an IFAC report states that the piecemeal approach to regulation in the financial sector is costing the global economy $780bn a year. A better understanding of data privacy and an interoperable regulatory framework would be beneficial for all.
Through the Lens of the Consumer
Since 2019, Visa has run a series of consumer-facing surveys to understand the public’s views on data sharing. Nearly 45,000 consumers participated in the most recent Consumer Empowerment studies spanning 2020 to 2023, consisting of both face-to-face interviews and online surveys, from both developed and developing countries around the globe. In the Middle East and Africa (MEA), Visa surveyed four markets – United Arab Emirates, Saudi Arabia, Nigeria, and South Africa (2022).
The study explored four key themes:
1. Consumer perspectives on how companies use data and privacy policies;
2. What factors are important to consumers in influencing their decision to grant companies permission to use their data;
3. Consumers’ desire for control over their data; and
4. Consumer sentiment on the security of online shopping.
The survey results have been relatively consistent across the globe, with some unique findings. Let’s take a look at the highlights.
How do Companies Treat Data Privacy?
Visa’s study revealed that, globally, 52% of consumers believe that companies use data policies to protect their legal interests.2
Consumer sentiment in the MEA largely resembles that of the global consumer. 53% of UAE consumers felt that companies use data policies to protect their legal interests, compared to 45% of Nigerian consumers, 45% of South African consumers, and 44% of Saudi Arabian consumers.
Alternatively, 31% of global consumers felt that companies use data polices to educate consumers on their rights. In the MEA, more UAE and Saudi Arabian consumers held this view, with 43% of UAE consumers and 41% of Saudi Arabian consumers agreeing that companies use data polices to educate consumers on their rights. Nigerian and South African consumers, on the other hand, were less likely to agree with this view at 29% and 24%, respectively.
Furthermore, when asked whether consumers believe companies use their data in accordance with the consent granted (only 39% globally), more consumers globally (49%) believe that companies use their data beyond the terms of the consent.
Across the MEA, we see similar trends. A majority of consumers in South Africa (63%), Saudi Arabia (57%), and Nigeria (55%) believe that companies use their data beyond the terms of consent. Interestingly, fewer consumers hold this view in the UAE, with just 40% of consumers feeling that companies use their data beyond the terms of consent. In the UAE, the majority of consumers (52%) believe that companies use their data in accordance with the terms of consent. Fewer consumers hold this view in Nigeria (44%), Saudi Arabia (39%), and South Africa (34%).
These results share one common theme – that consumers generally believe that companies are “selfish” when it comes to data privacy.
How Can Companies Influence Consumers’ Decisions to Share Data?
The next research area examined the important factors that influence a consumer’s decision to share their data. At the top of the list was a consumer’s desire to know how their data will be used. 64% of global consumers rated how companies use their data as very or somewhat important when deciding whether or not to grant companies permission to collect and use their data. Second and third on the list was a consumer’s ability to change their permissions easily (59% rated this as very important) and the type of data being requested (58% rated this as very important).
Factors that were considered least important in influencing a consumer’s decision to share their data include: if it will improve the quality of the service provided, the personal benefits a consumer will receive beyond primary services, and if they were paid for their data. Only 42% of consumers ranked being paid for their data as a very important factor in helping them decide whether or not to share with companies.
These results illustrate that above better services and personal benefits such as being paid for their data, consumers care more about how their data is being used, the type of data being collected, and the level of control they have over their data once they decide to share it with companies.
As Michelle Gervais, Vice President, Global Data Science at Visa, says: “This brings us to trust - a foundational layer of any engagement. If the trust of consumers is not won, even offering personal benefits might not be enough”.
Do Consumers Care about Controlling Their Data?
Next, the Visa study explored consumer preference for having control over their data. Globally, 77% of consumers wanted to at least have the option to control their data – 52% of global consumers wanted the option to have more control over their data, while 25% wanted to have direct control.
The MEA markets largely followed global consumer preferences. 89% of UAE consumers, 83% of South Africans, 77% of Saudi Arabians, and 76% of Nigerian consumers wanted to at least have the option to have control over their data. The preference for direct control over their data was highest in the UAE, where 32% of consumers want direct control over their data, compared to just 24% in South Africa, 21% in Nigeria, and 17% in Saudi Arabia.
With a vast majority of consumers in the MEA and globally who want more control, companies need to consider how to enable and empower consumers to have more control over the data they share.
Do Consumers Feel that Online Shopping is Secure?
When it comes to how secure consumers feel online shopping is, global results from our survey indicate that 25% of consumers feel that online shopping is very secure. While consumer sentiments in the MEA were roughly in line with global numbers, UAE consumers had a more optimistic view, with 37% of consumers feeling that online shopping was very secure.
This number varied greatly across countries. Brazil showed the highest level of confidence with 45% of consumers believing online shopping was very secure, while New Zealand was skeptical at 17%. Japanese consumers had the lowest level of confidence with just 8% of consumers believing that online shopping was very secure.
With low levels of confidence in the security of online shopping, providing consumers with more control over their data and transparency about how their data is being used will help companies build more trust with consumers.
How Visa is Addressing Privacy Concerns?
As Walter Lironi, Senior Vice President, Head of Visa Consulting and Analytics at Visa CEMEA, says: “Visa is focused on understanding and addressing consumer views on data privacy and making it a top priority in our operations. We are committed to building trust with our customers by implementing robust measures to protect their data”.
One of these strategies is consent management. Looking at it from the perspective of a product, Visa has explored concepts for ‘Consent Wallets’ and ‘Consent Asset Managers’ that allow granular control of a consumer’s data and the ability to allow or withdraw consent at any point.
These concepts have garnered positive feedback from consumers in our global market research. 41% more consumers consider granular consent permissioning (providing more transparency and control over what data is collected and how it is shared) as a better way of doing business compared to traditional terms and conditions consent experiences. In addition, 57% of consumers stated they would definitely or probably use a consumer ‘Consent Wallet’ and 55% of consumers would definitely or probably use a ‘Consent Asset Manager’.
Furthermore, Visa is developing enhanced privacy capabilities to empower consumersregarding the privacy of their data. While market testing this concept, 80% of consumers found the enhanced privacy offering appealing, 72% of consumers would switch to a bank that offers enhanced privacy capabilities, and 78% of consumers would switch card brands to take advantage of enhanced privacy capabilities.
To support the broader ecosystem in providing more transparency and control to consumers, Visa published the multi-stakeholder, peer-reviewed Visa Consent Management Guidelines. It is an industry and organization-agnostic blueprint for building a consented data-sharing ecosystem and is available to test.
Protecting Shared Data
As a longer-term investment, Visa has been exploring ways to leverage data while incorporating the principles of privacy.
One of these is the development of Privacy Enhancing Technologies (PET). This technology strips the parts of data that can personally identify a user, making it desensitized and generally safer for the user.
Another use case is multi-party aggregation, where two companies share data in order to build a model and analyze it across different data sets while keeping the data encrypted and not transferred. This would allow companies to garner richer and greater insights while protecting the privacy of the source data.
Data traceability is another concept being explored with relevance to both companies and consumers. Through this technology, data can be watermarked in a way that would allow consumers to track where their data was sourced from, no matter how many different parties it passes through. Visa has partnered with the Massachusetts Institute of Technologies (MIT) Future of Data Initiative to develop these solutions. The project kicked off in April 2023 with the release of an Accountability and Traceability Whitepaper and Research Roadmap.
Data Infrastructure Advisory
Visa’s commitment to addressing consumer data privacy extends to the broader payments ecosystem through Visa Consulting & Analytics, which assists clients with improving their core payments business operations. As part of this offering, Visa can help clients address data infrastructure challenges. “With the expertise Visa has developed over the last few years focusing on data privacy, we help clients manage data privacy concerns using both international best practices and the latest in technology that we’ve developed”, explains Walter Lironi, Senior Vice President, Head of Visa Consulting & Analytics at Visa CEMEA.
Visa’s Focus on Building Trust
The changing regulatory context around data sharing, coupled with increased consumer interest in controlling their data, makes responsible data use a prerequisite for companies seeking to maintain the trust of consumers. Visa’s comprehensive approach to trust extends to all aspects of its operations in a dynamic way. Visa has committed to a continued focus on trust-enabling technology and protocols to support consumers’ trust in digital commerce.
“Trust is the foundation upon which data-driven products, propositions, and innovations are built. By prioritizing data privacy, security, and ethical use, and by establishing robust measures such as consent management, responsible data use, and a data infrastructure advisory, Visa aims to build and maintain that trust among consumers”, says Michelle Gervais, Vice President, Global Data Science at Visa.
Building on the tremendous amount of work done, Visa is committed to providing personalized expertise to its clients and the support they need to move forward, creating a more trustworthy and efficient way of doing business.
Click here to revisit the video discussion with Visa’s Chief Data Officer, Bob Hedges and Head of Visa Consulting & Analytics, CEMEA, Walter Lironi, who delve into the world of data privacy and data sharing.
Stay current with the latest payments insights from Visa Navigate CEMEA - subscribe today.
All brand names, logos and/or trademarks are the property of their respective owners, are used for identification purposes only, and do not necessarily imply product endorsement or affiliation with Visa.
1 Visa Economic Empowerment Institute, Global economic cooperation: Writing the rules for the digital economy, 2022, https://usa.visa.com/content/dam/VCOM/regional/na/us/sites/documents/veei-global-economic-cooperation.pdf
2 Visa Consumer Empowerment Study, 2022