Security & Confidentiality

Northeastern University has recently invented a T-shirt that makes?it’s?wearer invisible to facial recognition software. It works on the knowledge that an individual needs to be identified within the frame before their face can be analysed. Whilst most applications draw a bounding box around the individual to distinguish them from the general background, this t-shirt prevents?the facial recognition software from drawing a bounding box around?the person?wearing it. Preventing?the AI?from moving forward?to the next step of analysing?their?face.?

This poses some interesting questions and challenges when it comes to Security, Confidentiality and Privacy. People want their privacy protected and respected, while companies through the use of?technology?need to protect themselves and their customers from harm. How would this constrain the practical application of a service by a business to other businesses? How does the implementation of privacy and security policies impact the user experience?

Business-to-Business Software as a Service Providers?need to ensure the privacy acts?applicable to the regions in which they operate, such as SA POPI Act and the European GDPR Act are adhered to even if the customers experience is affected negatively.?

Irrespective of the information that is collected, stored or processed by a company about its clients, there needs to be a vigilant approach to confidentially. This?is where the privacy of the individual, the T-shirt wearer,?and the security controls, the Facial and other forms of recognition?meet. Information needs to be managed, tracked and controlled to ensure only those legitimately and rightfully entitled to it are able to access it in a secure manner.?

When it comes to user experience the company needs to differentiate between a Business-to-Individual service and a Business-to-Business service where the information and method required WHEN authenticating a user; is different. Biometrics such as facial recognition and one-time passwords will work to allow access to an individual but would not necessarily be practical when sending a statement to a company’s accounts department.?

Business-to-Business Service Providers should?implement?the strictest controls?of confidentiality through user permissions and rights to information in the company context.?This needs to be monitored and tracked to ensure the continued?legitimacy and authenticity of the user in that business.

Whether you choose to wear a T-shirt that hides your identity or a designer T-shirt that makes you stand out, when its come to engaging with?a Service Provider?in the Accounts Receivable and Payable Management space such as ours or any other,?make sure?that your company’s Security, Privacy and Confidentiality requirements, as well as your own, are covered.

| System1A | Weekly Blog | April 2022 (Author: AS)