back Back

Top Indian banks fail to collect DPDP-Compliant Consent, study reveals

By Puja Sharma

March 15, 2024

  • AI lending
  • Credit Underwriting
  • Data Management
Share

compliance, DPDPNone of the Top 10 banks are collecting DPDP-compliant consent

IDfy releases report on data privacy and compliance in the banking sector

IDfy, India’s leading Integrated Identity platform, has recently released a report on the “DPDPA Compliance and Indian Banks”, which investigated data privacy in the banking journeys of the top 10 banks in India. The report aims to uphold the necessity of the Data Protection Act and urge organizations to partake in a privacy-centric future.

The report was created after analyzing 25+ digital journeys of the top 10 banks in India. It revealed that 8 out of 10 banks do not mention the personally identifiable information (PII) data collected in their privacy policy, which includes Account number, PAN, and Aadhaar number.

The report indicates the need for data minimization, since while some banks collected the employer’s name, work email ID, religion, and caste to open a bank account, others did not. Education loans are another avenue where an individual’s PII is vulnerable, as 75% of the PII data collected during the educational loan process was found to be sensitive PII data. The report also highlights that 9 out of 10 banks did not have a cookie consent banner and a mere 7% of the cookies found were actually “necessary”.

Ashok Hariharan, CEO and Co-Founder, IDfy, said, “’Data is the new oil’, is an old adage. Responsible use of PII is required if companies are interested in keeping their customers’ trust, and we, as brands, need to relook at how, and for what purpose we are using customers’ data. Business models have to change in order for brands to now build trust in the new DPDP world. As custodians of sensitive customer information, banks play a crucial role in espousing data privacy standards. Our report aims to provide a micro view of the barriers to achieving regulatory compliance, helping banks navigate the complex landscape of data compliance, and ultimately fostering trust and transparency in the financial ecosystem.”

Moreover, the report delineates the obscurity in the banks’ cookie collection practices. None of the banks collected parental consent while processing a minor’s data. The report brings to the forefront the practice of banks asking for needless information like employee designation for home loans or marital and spouse’s details for personal loans, which are not integral to credit underwriting.

IDfy has recently launched PRIVY, India’s only Consent Governance platform for digital data protection and privacy as per provisions of the DPDP Act. PRIVY simplifies user consent, allowing easy review, approval, and adjustments to data permissions, and guides enterprises to ensure consent compliance.

Previous Article

March 14, 2024

AI foils 40% surge in phishing attempts in 2023, research reveals

Read More
Next Article

March 18, 2024

What are the top Cybersecurity predictions for 2024, unveiling new threats and cutting-edge defenses?

Read More





Weekly Case Study

Chart of the Week

FinTech insights exclusively curated by the IBSi’s Research Team

Other Related News

July 19, 2024

SMEs leverage cloud to gain competitive edge, study shows

Read More

July 16, 2024

Rise in sophisticated attacks, state-level threats, and increased ransom DDoS Incidents

Read More

July 15, 2024

Global wealth growth rebounds with major shifts expected by 2030, research reveals

Read More

Related Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q3 2024
Know More
NextGen WealthTech: The Trends To Shape The Future Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q1 2024
Know More