I briefly considered connecting my credit and debit cards to Datacoup, but their dialog box set of warning bells. It asked for my card number and my online banking password. These are the same as my online banking credentials. In principle, with that information, Datacoup would be able to log in to my bank's website and drain my accounts.
It seems incredibly foolish to give this information to ANYONE over the internet. Why should I trust Datacoop with it? That's not a rhetorical question.
My bank tries to drill it into me that I should NEVER, EVER give my password to any third party, including employees of the bank. This behaviour from Datacoup certainly seems like a big red flag to me.
They do say this, though:
"Datacoup neither sees nor stores any bank or credit card user login information such as username or password. The communication to the bank is hashed and the access point is tokenized, which means we cannot decipher a password even if we wanted to. Datacoup never sees nor stores account or routing numbers."
Did they redirect you first to a secure web page from the bank, and is it this page which asked for the credentials? If what they say above is true, then (I think) this is the only way in which this should happen.
You could investigate the people in charge of the company and their backers. If you think they have more to gain by draining a small number of peoples bank accounts than they have to lose by committing a federal fraud crime then don't use them. Obviously any evaluation would also depend on the credibility of the information presented on the website about those individuals.
I don't make any purchases with my debit card, so I would only link my credit card, which has pretty solid fraud protection. I'd probably be more way about cash accounts.
CC info is no doubt a daunting ask but it is valuable information when it comes to monetizing data about us.
This space of personal data monetization is a huge trust exercise. The relationship has be developed with the user, almost at an individual level, for them to share their data from across platforms. Many of us are more willing to part, based on the knowledge that it's already happening and we should take part if we want something in return. While others are more hesitant and need to see the value (or other's adopting) before jumping in. And there are many others who it doesn't speak to at all - this includes folks who go out of their way to never post a photo of them online. To each their own :)
The path is evolving though, where users will have more control and gain an increasing amount of value from their data. But it's a longer term game - because the trust needed to get to the intimate information about users takes time to develop but is priceless once it's there.
Disclaimer: I am the co-founder of Powr of You (www.powrofyou.com), startup in the same space.
Asking for your banking credentials does not worry me. I would need to look more closely at this particular one, or even contact their customer support to see if they have in-house security (the cyber kind) and what certifications they have, dates and nature of audits etc. I worked for a company like this as a software engineer and know the lengths they go to ensure there is minimal data on their servers that could be stolen. And yes, this could mean your data is sent to a third party. Sometimes it's more cost efficient and secure to use a third party scraper which hands back a token for access and pays for all the security stuffs to keep your data safe.
What DOES concern me as that the whole purpose of this service is to correlate data about you that is otherwise behind locked doors and explicitly keeping identity information intact. The services profit from your data and it's sale would far far out way any individuals.
Mint doesn't ask for your CC number. Seems reckless and dangerous, not to mention daunting for the user.
By giving credentials AND cc numbers to a 3rd party (something credit card issuers say never to do), I'm in-effect condoning any actions that happen even if I don't make those actions.
Isn't it like handing the CC issuer a signed letter stating they need not worry about fraud protection, as I'm authorizing all transactions and will agree to cover them?
From an attack angle, now I have to trust that Datacoup will remain secure in all its interactions and that they will never suffer intrusions or decide to change their stance in the future (acquisition?).
Conceptually I love the idea. I have thought about this business idea for a long time, but never got over the issues with it to pursue it.
The main insight I got when doing customer interviews was that many people don't like the idea of others accessing their data when its raised to the foreground, but are perfectly ok with it when it's "hidden". The other issue is that the amount of cash required to make this interesting for the avg. person is relatively high.
On the business side, when interviewing VPs Marketing/Sales, the #1 question asked was "What additional value does this bring beyond what we already have?". This is a valuable question to answer b/c massive amounts of data are already collected on each one of us. To be valuable, a business like Datacoup needs to convert this data into insight that can be used to help companies to sell more.
With all of that said, I hope Datacoup is successful. It's a great idea and one that I personally like.
> On the business side, when interviewing VPs Marketing/Sales, the #1 question asked was "What additional value does this bring beyond what we already have?".
It's true that massive amounts of data are being collected, but the better value proposition for customers to sign up is: "Billions of dollars are spent by companies on advertising; you deserve a slice of that."
>The other issue is that the amount of cash required to make this interesting for the avg. person is relatively high.
I also ran into the exact same dichotomy when sussing out this idea, namely that people don't mind monetization of their data exhaust/patterns "for free" or in nominal exchange for a foreground service, but being asked to give this in direct exchange for monetary compensation makes them demand a very high premium for the exact same data.
EDIT: Personal.com is establishing a track record of securely consolidating and storing sensitive information. I can't help but think that controlled sharing of personal information (extending beyond core password/address/credit card/banking details) will be their next big push.
I think he was saying, what value does this add for marketers (i.e. those buying the data)? They already have many ways to get users' data, and at (likely) a lower cost.
Oops missed that completely; thanks for the clarification! For purchasers, the short-term value-add would be: a) another verified channel of specific user-preferences; b) potential for high-touch permissive advertising (e.g. let me pay you $0.10 so I can spam you because you have a potentially higher conversion rate due to all the extra details you let me access).
Data vaults like DataCoup are in essence trying to appeal to purchasers by initially demonstrating large reach (similar to newspaper/magazine/website exposure to raw number of eyeballs), and up-sell the ability to more quickly and more accurately zone in on attractive demographics, down to the individual level, than a competing 3rd party ad-broker harvesting browser fingerprints + cookie combinations or Amazon/Google.
Form example, individuals may eventually sell a list of companies they: "have bought from; may buy in the future; commit $X to buying within 90 days."
Also, individuals can be made aware that prices for their information tuple assets may devalue if they specify faulty or inaccurate information (e.g. selling information stating that they would buy $X from a company in category Y within 90 days, but failing to actually follow-through). This is rather similar to a credit score, except a "purchaser" or "consumer" score may be a more accurate description.
This isn't to say that everybody would choose to participate in such a program or give up such information willingly, but at least this level of hyper-personalization and ad-bidding would become available (in theory!) to both the data purchaser and the end-customer, eventually.
EDIT: Data vaults all aim to become canonical ad-broker exchanges as the next step in the evolution of agency ad & media trading desks[1]. If this sounds like trading in the financial sense, it absolutely is. No coincidence that the founder of DataCoup is an ex-bond trader[2].
I was really hoping this was like Google Takeout, but with adaptors for all different sorts of services. I thought the value prop would be to backup and analyze your own data, not to sell it to the same people who already creep everyone out when Facebook sells them your data.
We're launching the exact thing you describe which also includes an API later this week. We don't plan to be a data broker just to let you backup all your data from any source and provide you with an API to access that data. We're Muxy.io
Reminds me of an art installation that worked like an ATM for your data. You plug in your cellphone and based on how much data it was able to scrape it would dispense money. Usually less than a buck. Was interesting to see how many people were willing to try it.
The most intriguing possibility here, IMO, is the ability to show other people how much those free services really learn about them, and how much they sell.
This older article indicates that DataCoup was originally paying beta subscribers $8/month for their data[1]. Always risky trying to seed two-sided markets, but the rewards could be substantial if they can establish their credibility over the long run as personal data-brokers.
"Datacoup is lining up data purchasers to sustainably purchase data on the platform. However, to get the ball rolling, Datacoup is the primary purchaser of your data."
That's what they're attempting to establish in a nascent 2-sided market where, by other proxy measures, the value of personal information is close to zero for large swaths of the uneducated digital population.
I use the word 'uneducated' because presumably the working hypothesis is that once data-awareness is raised (i.e. "you can actually get paid to share your data!"), the corresponding market-price of various personal information tuples/assets will rise.
EDIT: As a single other data point, AT&T's cable division called U-Verse is offering a fiber plan called GigaPower that effectively pays subscribers $29/mo for their participation in the AT&T GigaPower Internet Preferences (i.e. consensual data-mining) Program[1]. The "payment" is offered in the form of a price delta between the Premier (i.e. data-mined) tier for $70/mo, or the Standard tier for $99/mo[2]. So, at least one large corporation believes that household web browsing data is worth $29/month which is a good proxy for a price ceiling on how much personal data could be worth in the medium term.
Can't find many reviews (1) of the service provided, and for some reason I'm wary of the responsibility of selling my own data. Has anyone tried this service?
wtf, a person's data spread over 6 accounts must be worth more to you than 1 dollar a week. i mean i understand buying low and selling high, but this is bs, this service is taking advantage of the public outcry over privacy by giving people incentives to sell themselves online, because online you are your data. go get a real job mate!
It seems incredibly foolish to give this information to ANYONE over the internet. Why should I trust Datacoop with it? That's not a rhetorical question.