In this use case, BCA Bank keeps a "BCA Customer Profile" user data for each account holder, encompassing a variety of essential attributes such as driver's license particulars, current account balance, credit scores, and other relevant financial data.
Take, for example, Ramana Maharshi, who is applying for a car loan via BCA Finance. He is a multi-account holder with BCA Bank, and his customer profile is structured in the following manner:
Document ID: DOC897923CP
Customer ID: BCA123756108
Name: Ramana Maharshi
Date of Birth: October 8, 1970
Driver's License Number: DL77108108
Email: Ramana.Maharshi@karma.org
Phone: +62-856-685-0108
Average Monthly Balance: $200,000,000
Checking Account:
Account Number: CHK1238569
Balance: $89,000,000
Savings Account:
Account Number: SAV1231770
Balance: $380,000,000
Pefindo: 710
CreditKarma: 755
EquiInfo: 695
Loan Amount: $500,000,000
Loan Status: Closed
Overdraft Protection: Enabled
VIP Status: Not a VIP
Fraud Alerts: Disabled
As demonstrated by the above BCA Customer Profile, the user data contains sufficient information needed for the loan screening criteria set forth by BCA Finance. However, the profile also contains extraneous sensitive attributes that hold no relevance for BCA Finance's screening assessment. Transmitting the full profile to BCA Finance would not only result in superfluous data transfer but also introduce considerable risk to customer privacy. Once stored in BCA Finance's server database, such data becomes susceptible to a myriad of security vulnerabilities, ranging from advanced persistent threats (APTs) to unauthorized data access and insider attacks. This escalates the probability of data exfiltration events.