ENCRYPT Blog Series #6: DP in Fintech use case

Deployment of Local Differential Privacy in the ENCRYPT Fintech Use Case
by Konstantina Papachristopoulou, Senior R&D Project Manager, Eight Bells Ltd.

In a bilateral relationship between a financial institution and a 3rd party service provider, where the latter performs analytics to the data of the clients of the former to provide data-driven insights, preserving the privacy of the clients is one of the most important requirements. In such a use case, like the Fintech use case of ENCRYPT, leveraging privacy preserving technologies can address this need. The application of Local Differential Privacy provides a robust solution to this problem, while supports both the financial institution and the 3rd party service provider.

In today’s digital era, financial institutions possess a vast amount of customer data that holds immense potential for improving services, personalizing experiences, and boosting profits. As data-driven insights become increasingly crucial, ensuring the privacy and security of this sensitive information is paramount. In the Fintech use case of ENCRYPT, EPIBANK, a leading financial institution, is collaborating with EXUS, the developer of EXUS Financial Suite (EFS), that provides data-driven analytics aiming at optimising debt collection services. To safeguard the privacy of EPIBANK’s clients, while being able to gain valuable business insights from the available data, the deployment of a Privacy Preserving Technology like Local Differential Privacy (LDP) holds great promise.

Traditionally, privacy models like Centralized Differential Privacy relied on a trusted aggregator to safeguard the privacy of individuals by holding their sensitive data. While this approach has been extensively studied and widely applied, alternative models have emerged to address certain limitations. LDP, for instance, operates on the principle that each individual is responsible for protecting their own privacy, eliminating the need for trust in a central authority. By adding noise to user inputs locally, LDP algorithms enable statistical computations while ensuring the confidentiality of individual user data.

Comparison between the two differential privacy models (Source: Yang et. al., Local differential privacy and its applications)


LDP has garnered significant attention and adoption across various domains, including identifying the most frequent or influential elements in a dataset (heavy hitters’ discovery), probability estimation, and machine learning models. To achieve higher data utility, researchers have proposed novel mechanisms for mean estimations on multi-dimensional numeric data and frequency estimations on categorical attributes. While LDP holds promise for privacy-preserving computations, it is important to note that the utility obtained from the same amount of data is typically smaller than that of traditional differential privacy models.

In the context of the ENCRYPT Fintech use case, the deployment of LDP presents an opportunity to unlock the value of sharing financial data while respecting customer privacy. By training machine learning algorithms on datasets encompassing monthly account records, daily transaction records, behavioral scoring variables, demographic variables, and product-based details, EXUS empowers EPIBANK to make accurate predictions and intelligent customer segmentation. These predictions allow for classifying customers into different risk levels and tailoring appropriate treatment plans.

However, the practical deployment of privacy-preserving technologies has been a challenge, often resulting in missed opportunities and potential cybersecurity risks. Outbound data-sharing poses the risk of exposing sensitive information to third parties, which could lead to privacy violations and hinder the development of new services and processes. To address these concerns, the scalable and practical Privacy Preserving framework that will be implemented in ENCRYPT as a platform, can be used by various fintech end users to foster data sharing, fuel innovation, and optimize services without compromising the sensitive information entrusted to financial institutions.