Connect with us

Economy

The Gig Economy and the case of Split Identities

Published

on

The gig economy is exploding these days, especially in the wake of the global virus outbreak. According to the Bureau of Labor projections, the portion of gig economy workers will increase
to 43%
 in 2020. Among millennials, 40% have identified as participating in the gig economy.

Gig economy means transitory jobs. Rideshare drivers, work-from-home graphic designers, temporary customer service agents.  While most are part-time jobs, they are quite stable while they last. In times of economic crisis, some gig economy jobs may disappear
altogether, and some – such as delivery services in the current crisis – see a huge uplift in demand.

The surge in a freelancer economy has left many organizations that provide these services struggling with a new phenomenon: their freelancers are sharing their digital account with someone else. Why is this happening now more than ever? Due to the current
economic climate, people are anxious to earn more income. Their digital identity is suddenly quite valuable as they have been verified and vetted and allowed to engage in whatever service the gig economy company is allowing them to do. But as 24/7 work is
impossible, the notion of sharing their account with family, friends or other interested parties to continue generating income in an economic downturn is appealing, and a very real phenomenon happening today.

This makes a lot of sense from an individual perspective. These are difficult times, and the extra income shouldn’t be anybody’s business. However, taken from the larger perspective of society, this creates a major trust and safety issue. Think about your
favorite ridesharing app: You order a ride, step into the car, and find a completely different driver behind the wheel.

Or think about a call center service that operates on behalf of Fortune 500 companies. Lockdowns mean that most customer service agents are now working from home. Who can say whether an agent who punched in 12 hours per day is really working two shifts,
or just shared her account with a friend?  A friend who is not properly trained, has not signed an NDA, and not authorized to have access to your private data?

Or consider a high-ranking web developer who provides online services as a freelancer, earning top dollar for projects. As a way to generate additional income, he “rents” his identity to unvetted freelancers so they can enjoy access to top paying jobs, and
he gets a commission in exchange. You’re paying premium dollars for work that, in fact, isn’t done by the top ranked freelancer at all.

Trust is a key component in work-from-home environments, and when identity controls are broken, you can trust no one.

When digital accounts are misused and shared, there are far reaching implications. Lack of accountability. Lack of attribution. Impact on reputation when foul play is discovered. And, quite often, trust and safety concerns.

Devices Can’t Be Trusted

The verdict on passwords as a way to authenticate a digital identity has been decided ages ago: absolutely untrustworthy. Which is why in the last two decades, online and mobile applications found a great way to handle digital identities: the idea of the
Trusted Device. The premise of “something you have” became synonymous with digital identity. If you come from a device that has been seen before in your account, it must be you. Furthermore, once you verify your device via a one-time passcode, it becomes a
trusted device. A token of your identity. As long as you log in from your “trusted” device, it’s got to be you.

The reality is that this is no longer true.  Quite far from it, actually. Cybercriminals have found so many ways to bypass device checks that it is scary to even list all of them here. And that’s only half of the problem: People now use multiple devices
with the average household owning 11 connected devices. The fact you come from a new device does not
mean it’s not you.

So traditional ‘what you know’ and ‘what you have’ are not really reliable measures to help gig economy companies control their identities. How about biometrics?

Selfies and Fingerprints to the Rescue?

Selfies and fingerprints are becoming mainstream authenticators. But when you think about it, if your device recognizes you based on a fingerprint or face recognition, it’s basically proof that the device knows you, but not proof that you are who you claim
you are. Unless the face image or fingerprint are matched against a central database or a separate document that can be independently validated, all they really mean is that the device recognizes the person who has set it up.

Moreover, fingerprint and face biometrics are even less effective in addressing the gig economy identity split problem because you can easily add more fingerprints to your iPhone or Android device – after all, they were originally designed as a convenience
factor. So if you want your iPhone to be unlocked by your spouse and kids, knock yourself out. It’s wide open. The same goes for face recognition – you can add a second face that your device would recognize as legit, which is especially useful nowadays when
people walk around with face masks. So no, if someone is willingly sharing their account with a friend or family member in order to boost their freelancer profits, device-based biometrics are the least of their problems.

Clandestine Biometrics

What if the biometric analysis is done behind the scenes, though?

Several types of passive biometrics have been developed and perfected over the course of the last few years. In a call center environment, it is now possible to continuously record and match the agent’s voice against their historic profile. If an anomaly
is found, it can be investigated.

In web and mobile applications, behavioral biometrics is the new queen. Behavioral biometrics silently monitors the user interaction – mouse motions, typing patterns, cognitive choices and navigational preferences. Behavioral biometrics is not designed to
replace a password; in fact, it’s actually interesting to see how one types their password. But it does provide continuous monitoring and can point to anomalies in user behavior. It’s also less intrusive than matching fingerprints and faces, because those
can actually trace a person and – if stored in a central reposiroty – can be compromised and traded, while behavioral biometrics are more statistical in nature and used to verify that the behavior in the account matches past behaviors and no foul play is spotted;
it was never designed as a way to trace a specific individual and can’t be used as an identifier.

Account sharing is one of the things behavioral biometrics can highlight. Banks already found out it’s the only way to really know about, say, users of corporate online banking services who share their credentials with coworkers. Which, from a bank’s perspective,
creates a serious breach of confidence as their actions cannot be attributed to a single, personally accountable identity.

Back to the gig economy. So what’s wrong with someone trying to make a few extra bucks by sharing their work from home account with friends and family? For the worker, it is seemingly harmless and not done with bad intentions. However, for the organizations
that operate gig services this is an opening to incredible risk. When a digital identity is split, they lose all means of control. There is no way to really know who is providing the service, whether they have been vetted, or maybe even disqualified for some
reason and came back under a different identity of someone who was willing to share the account with them.

Identity is extremely important, and splitting it through account sharing creates significant risk. It’s time for gig economy businesses to re-think digital identity and models for building trust and safety.

 

Source link

Economy

Food delivery deaths: NSW transport minister criticised for ‘victim blaming’ | Gig economy

Published

on

By

The New South Wales transport minister, Andrew Constance, has been criticised for “victim-blaming” comments made about the recent deaths of delivery riders.

Five delivery riders have been killed in road crashes in Australia since 27 September, an average of one every 11 days. In Sydney, two Uber Eats riders were killed in separate crashes on Saturday morning and Monday evening.

The minister told reporters on Tuesday morning that food delivery companies needed to provide more reflective equipment, but that riders themselves had “a degree of self-responsibility” to “make sure that they are highly visible”.

The head of the Bicycle Network, Craig Richards, said there was no evidence any of the riders who died were not wearing enough reflective clothing.

He said the government’s taskforce into the deaths – announced on Tuesday – needed an urgent deadline, otherwise more people would die while waiting for its recommendations.

Daniel Mookhey, a NSW Labor MP who is chairing the current inquiry into the gig economy, said the government should act now.

“There is massive risk of more people dying riding for gig platforms before we hear anything from the taskforce,” he said.

“I’m disappointed the minister failed to set a deadline for the taskforce to finish its work. We haven’t even seen its terms of reference.”

Mookhey said the government could make an “emergency workplace health and safety regulation for food riders in the gig economy” while waiting for the taskforce.

He also confirmed he would consider speeding up the findings of the current inquiry, if the taskforce lagged behind.

“If the state government doesn’t take any meaningful action, I’m open to the inquiry fast-tracking its WHS and workers compensation recommendations,” he said. “Someone has to act.”

Richards said any timeframe longer than five months would make the taskforce pointless.

“In other workplaces, if five people were killed, you’d be on to it in a beat,” he said. “If it is six months, then no – we already have a parliamentary inquiry doing that.

“Tell us next week, if there are recommendations to be made, do it fast. We don’t want to rush, but at the moment, we have a concentration of fatalities, so we want to make sure we do everything we can.”

He said that Constance’s earlier comments on the deaths were “victim-blaming”.

On Tuesday morning, prior to the taskforce announcement, Constance said: “I have asked the agency to contact the companies – more must be done in terms of the reflective equipment that they are wearing. It wouldn’t matter if it is the actual bag they are carrying, or the clothes that they are wearing. We want to make sure that they increase their visibility on the roads.”

When asked whether he would support a Labor bill to mandate protections for workers, he said: “I think the key element is: let’s work with the companies on a solution. You know, and also the riders themselves, there has got to be a degree of self-responsibility to make sure that they are highly visible. So, you have got to find a good landing in that place.”

The minister also said that while the circumstances of each crash was different, “generally I think we would all acknowledge that they are getting around the city typically in the night hours”.

Richards said there was no evidence that any of the riders who died were not wearing enough reflective or visible clothing.

The most recent fatal crashes in Sydney occurred at 11am and 6.40pm respectively.

“We have had five people who have lost their lives, to suggest that it was their fault for not wearing a vest – we don’t know that,” he said.

“At this stage we don’t know if they were wearing one or not. It is a horrible thought to suggest.”

He also criticised the minister for not telling motorists or car drivers to be more careful.

“It puts all the onus on the person riding,” he said. “The evidence shows that fluorescent vests don’t make a difference in that regard. People think you put one of these fluorescent vests on and you are bulletproof, and it solves all your problems.”

A spokeswoman for Constance did not answer questions on whether the taskforce had a deadline.

“Every death on our road is a tragedy,” she said. “It’s going to take work on all sides, from industry, individuals and government, to ensure the safety of delivery riders. We want to do everything possible as a government to ensure everyone is safe on our roads and at work.”

But Mookhey said the new taskforce “seems to have no additional powers”.

“SafeWork NSW has immense power, but hasn’t used them. Usually, when a person dies on the job, SafeWork NSW closes their workplace until they’re confident it’s safe.”

Richards said that drivers’ awareness of cyclists was important.

“It just makes more people realise: ‘When I am driving a vehicle, I better look out’. Whether a person is delivering food or riding for leisure. That is the classic mistake people make, they don’t look.”

Source link

Continue Reading

Economy

Navigating the gig economy: finding success as a freelancer – Richmond.com

Published

on

By

Continue Reading

Economy

Gig-economy click farms surge during Covid-19

Published

on

By

Underground businesses that employ real people to facilitate fraudulent services such as fake clicks, CAPTCHA hacking and traffic inflation have seen a surge of interest in the past six months as the world has been plunged into a global recession, according to a report by fraud detection firm ClickCease.

While the dark web has copious fraud on offer, those looking to take advantage of these services need not look beyond the open web. Searching for ‘buy bot traffic for website’ or ‘buy clicks for website’ in major search engines yields tens of thousands of results. Many of these fraud instigators actually pay search engines to feature first in such search terms.

Fraudsters employ techniques of varying sophistication to facilitate this fraud, such as infecting devices with malware, taking over or spoofing IP addresses, and employing bots to generate clicks. But a new report from ClickCease has uncovered a growing economy of fraudulent marketplaces that pay real people to click on ads.

These sites operate in a similar way to gig-economy firms like TaskRabbit, employing a roster of tens of thousand of freelance workers to complete tasks. But instead of cleaning houses or assembling furniture, these workers are asked to click on ads, download apps and complete CAPTCHAs, and can earn US$100 per month to do so.

During Covid-19, such fraud marketplaces have offered a source of income to the millions of people who have been let go or found themselves in trying financial circumstances. According to ClickCease’s report, the majority of workers at such fraudulent sites come from low-income countries including India and Vietnam.

ClickCease co-founder Ilan Missulawin noted: “The underground ad click economy is only increasing in scale due to minimal enforcement and the challenges of Covid-19, as more people are being enlisted to make money without having to leave their homes.”

The 20 most prominent Pay to Click (PTC) sites, including Paidvert ScartletClicks and PTCShare, claim to have paid out more than US$13.2 million to online freelancers working in this gig economy, ClickCease found. With each worker paid 5 cents a click, this equates to 266 million ads clicked, ClickCease reports.

Traffic to these sites has surged in the past six months, ClickCease reports. One of the largest sites, NeoBux, has reached a peak of 9 million visitors per month. ScarletClicks achieved a 41% increase in traffic within six months to 1.3 million visits in September 2020. PTC Share has seen a 13% increase in traffic to 1.2 million visits a month.

Some sites offer the ability to evade detection by buying “safe” clicks. For example, Fivesquid offers $5 packages to deliver certain amounts of “safe” AdSense Clicks, such as real human visitors from the US, groups of clicks where the ‘user’  spends a minimum amount of time on a site, and clicks spaced out across a day.

Despite the fact that these sites violate Google’s terms and conditions, several vendors freely advertise on Google’s paid search terms for keywords such as “organic clicks”. For instance, Serpclix in its ad “discusses a pool of thousands of microworkers to optimize your organic CTRs and boost rankings”.

Clicks is one of the easiest advertising metrics to game. ClickCease has found that at least 15% of clicks on pay-per-click (PPC) ads through contracts with online advertising platforms, most notably Google, are invalid.

Beyond clicks, workers are employed to solve CAPTCHA verification tests, which are used to determine whether a user is a human or a robot.

One CAPTCHA-solving farm, 2Captcha, offers to solve 1,000 CAPTCHAS for $0.77 and claims to have more than 2,000 workers online at any one time. Deathbycaptcha.com offers solving rates at $1.39 per 1,000. 

Source link

Continue Reading

Trending

Copyright © 2019 Gigger.news.