In a store or online, many of us pay for our purchases by card. The bank is therefore aware of our consumption habits, our movements, the place of purchase… These are the “payment data”, not to be confused with the “purchase data”. But what can the bank do with all this information?
You will also be interested
When paying by card, the bank records “payment data”: amount of the transaction, date and time of payment, identity of the merchant, etc. However, it does not have access to the details of the products purchased called “ purchase data”. When paying online, things get complicated because purchase data can be disseminated between many players, “including banks”, explains to AFP Aymeric Pontvianne, finance and innovation adviser at the National Commission for information technology and freedoms (Cnil). “But they have no interest in making the history of this data”, he believes, because their customers expect a strictly banking service and “would certainly react very badly” to see that their bank traces their purchases. .
” Trust in banks for data management is a huge capital, we have no desire to play with that”, confirms Sophie Heller, Head of Commercial, Retail Banking and Services at BNP Paribas. In addition, merchants are jealous of their customers’ purchase data because sharing it with banks would give too many indications of their performance. Mr. Pontvianne believes that data sharing can occur between a distributor and a banking player in a specific case: that of loyalty cards which also act as a payment card. In general, distributors have, to operate this type of card, a bank subsidiary with which they can share data without fear since it is part of the same group.
The consumer must nevertheless give his consent first, as required by the General Data Protection Regulation (GDPR). And beware of those who are unclear on the subject: Carrefour and its banking subsidiary were notably sentenced in 2020 to a fine of 3 million euros by the Cnil for having failed in their duty to provide information on the Pass card. The data constable, however, indicated that the group had then made “significant efforts” to bring itself into compliance.
The use of “payment data” has limits
Historically, banks have access to payment data to allow their customers to assess their expenses, advise them and for anti-money laundering purposes.silver. These data are protected by bank secrecy.
The bank does not have the right to establish a “profile” of its customers from their data
Subject to specific consent from their customers, they may also use them for marketing purposes. In this case, a bank can analyze a customer’s payment data to promote certain services of its subsidiaries to them in a targeted manner. For example, if a person spends a lot of money on insurance or fuel, he can offer him his own insurance or his car rental service. electric car.
The bank does not have the right to establish a “profile” of its customers from their data which would risk depriving them of certain rights: for example, refusing credit or insurance because a customer regularly makes purchases at the pharmacy and could therefore potentially be affected by a disease.
Are banks the only ones who can know this information?
Banks are not the only ones to hold information on our habits because the means of payment have multiplied in recent years and purchases digital have created “ more movements data that is less predictable “says Aymeric Pontvianne. Some start-upbank account aggregators or major digital platforms that develop means of payment can thus have access to a large amount of data, sometimes without being transparent on the subject.
For the Cnil, the only solution to maintain anonymity in its payments remains the specieswhich are used less and less on a daily basis and rather for small purchases.
Interested in what you just read?