A couple years ago while I was at home with my family for Christmas I got a call from my credit card company. Someone had tried to charge $14,000 to my account on Christmas Eve, “was that you?” they wanted to know. It was one of the first times I sat grateful that my credit card company had a fraud detection department capable of detecting unusual charges and flagging them quickly—how smart that they could analyze the data so quickly and notice unusual activity. Over this past weekend I got a call from the fraud department for the second time ever, and this one left me wondering if the fraud detection department has just stopped investing in data analytics.
I’ve been traveling for a week, something I have been doing less and less of over the past year or so. I’d flown into Boston on Tuesday night arriving 2hrs late at roughly 2am, worked from Cambridge for a couple days, then rented a car Friday to drive to a wedding in Hanover, New Hampshire. Being the amazing advanced-planner that I am (ahem, or rather, not-so-amazing) I’d taken off from Cambridge and high-tailed it through to New Hampshire without thinking twice about cash or gas. Along the way, I’d hit a toll plaza (forgot about those!) and had to apologize profusely to the toll collector while I pecked around in my coin purse to produce 96 cents, not quite the $1 he was hoping for but he kindly let me through. I realized I may have been slightly unprepared, and was now without any cash, watching a rapidly falling gas gauge, and approaching nightfall. An hour or so later, just before 8pm and with 20miles to go, I decided the near-empty tank wasn’t going to get me all the way there and I better pull off for gas before stations closed. I pulled into an isolated gas station a few miles off the highway only to find that my credit card company had disabled my account. Lucky for me, since I had no cash on hand, I had a different card on hand—so I paid and went my merry way.
I arrived at my hotel to find a voice mail from the fraud detection department asking for a return call. After verifying my identity, they asked about a slew of what seemed like fairly obvious charges: “Did you charge $7 to United Airlines on Tuesday? $10 to the Boston T on Wednesday? $300 to Enterprise Car Rental on Friday? What about this $30 for <some random NH gas station> earlier tonight?”
Seriously guys? I bought an airplane ticket from SFO-BOS using your credit card a month earlier. I then reserved a hotel room for Friday and Saturday nights in Hanover on your credit card. Then I made a car rental reservation from Cambridge, again with your credit card. So your detection system sounded alarms because I bought a glass of wine on a flight you knew I’d purchased, bought a subway pass in a city you knew I’d arrived in, rented a car you knew I’d made a reservation for, and bought gas for the car you knew I’d rented? Was it really that hard to connect the dots? What exactly have you been investing in or innovating over the past few years, anything at all?
I spend so much of my professional life working with people who worry about privacy invasions resulting from advanced data analytics. Never do I hear people saying things like I thought Friday night: oh dear credit card company, you had the data, you should be smart enough to make my life easier by figuring out what it means. Instead, when companies do this sort of analytics well, I hear outrage over how it is that the company knew what it did, and whether what it knew was actually accurate.
When are we as a society going to get as outraged about the lost opportunities that could have been captured using data analytics as we get about the potential privacy invasions that might arise from collection and use of the underlying data sets? When will the public pressure be of the form “Why didn’t you know better?” instead of “You shouldn’t have known that?”