Tangentially related to part of the text in the article : A lot of these and other apps ask you to share documents, camera, mic, gps, and other access from your phone . The problem is that several of those wont work if you reject that access. Even worse, Mexican government passed a law that made it compulsory to monitor your GPS position for Banks and other money related companies, so doing relatively common bank transactions require you to lose your privacy.
Given these blatant privacy violations, I wish mobiles had the option to "mock" data for those sensors. Share files? Sure, give access to a jail like bkank file system. Share mic? Sure, give access to a white noise generated stream, same with video/camera. Share gps? Give some mock location, etc.
That's what a privacy enabled device would do.
I wonder why hasn't this even been implemented at the browser level.
Afaik this is what MicroG does, though their aim is different. They mimic Google services responses so that the apps work without G proprietary libraries and services but I don't think privacy is their stated goal (I'd love for someone to correct me if I'm wrong, not using MicroG myself).
GPS position sharing is a little frightening isn’t it? I mean, if some of these apps are cartel or organized crime related, this could become a real physical threat.
> I wish mobiles had the option to "mock" data for those sensors
They do. The apps ask the operating system for this data through standard APIs, we just need to override those calls in order to lie to the app.
We need to own our phones instead of allowing Google and Apple to maintain control. Rooted Android can do this but Google is bringing their attestation bullshit to their APIs and soon every app will require it because they have no reason not to.
Do you have an iPhone and if it’s jailbroken; if Yes. Do you want to implement some of these ideas into Apple lockdown mode Api? Let me know if it’s something you are interested in?
These scams are going on in India too. Typically they offer $100-$200 loans, and there is no legal framework. Victims are afraid to go to the police. Even if someone goes to the police, these apps are all running from China, and they can't do much about it. From the BBC article: "The people running the apps gained access to all the contacts on his phone and his pictures, and have threated to send nude pictures of his wife to everyone on his phone."[1] It is a horrible system, and Google doesn't care about poor people getting scammed. Some victims even committed suicide because of the threat of releasing their private data.
I came here to mention about situation in India too; so I'll add on to this.
Enforcement Directorate (ED) of India in a span of one week has frozen bank accounts of two crypto companies on the charges that Chinese lending apps were using them to move the money out of India. First WazirX[1] a popular exchange and then Vauld[2].
> These scams are going on in India too. [...] and there is no legal framework.
They said this about Mexico as well, but this doesn't ring true. Even if the microfinance market is unregulated, extortion, death threats and harassment must surely be serious crimes. Perhaps the issue is enforcement? I assume the app operators obfuscate their ownership and ops, but a even a minimally functional major crimes unit must at least be able to catch the worst offenders, no? Or at the very least just have Google/Apple disable the apps.
It references this story which to me is very troubling:
Contreras told the story of one woman who fell victim
to these schemes named Maria. After Maria took a loan,
agents for the app iFectivo sent her 13-year-old daughter,
her cousin, her nieces, and more than a dozen of her other
contacts a picture of a nude woman with her face
photoshopped on. iFectivo told her contacts she had
become a prostitute to pay her debts.
Stuff like this is what disabused me long ago of extreme forms of libertarianism. Most libertarians and also some defund the police types on the left are just woefully naive about what monsters people can be. Turns out we need a very active police force and regulatory state or people will almost literally eat the vulnerable.
What calls my attention of this story is that employees of that app would go through the trouble of creating a credible shopped image of her and sending it to all of her contacts. Do they have almost no clients, was the loan particularly big, do they have loads of employees just to do this...?
1. The loan interest rate is set relative to a base default rate of a population sample of lenders. Therefore very easy to predict capital return, but means interest rates are usually high to cover high rate of defaults.
2. Defaulting loans are sold to local debt collectors for collection, who presumably are quite ruthless.
3. There are a few companies which white label the software needed to run this sort of scheme, so presumably the operator only has to drop in capital.
If you have further information on how these businesses work, please respond!
I built the system of reputale a Mexican startup that did online lending, so I have some insight:
1. This is a real problem in Mexico: people complain about high interest rates. However, for these kind of bullet loans , you see 30% of default in the FIRST loan. And back when we were starting on 2013-14 we had up to 70% of default due to fraud.
So, with around 30% 1st default and about 15% 2nd default, we created revenue models that considered that, CAC, cost of funds and opex to define the interest rate... that very high APR really was not making people rich overnight.
See, one problem in Mexico is that defaulting in a loan is not a crime, so theres legally NOTHING a lender can do to make you pay if you decide not to. The only repercussion is that you Credit Buro gets tainted, for 6 years. I've read of people that get a $100,000MXN loan and then just change phones, move apartments and wait for 6 years to clean their credit buro.
2. Default loans deffinitely are sold, for cents to the peso. But usually only the ones that are very old. Now, there are different types of collection agencies. Where I worked, we tried to he very reputable so we only chose the least shady ones. But in reality the only thing they could do is call you. Even calling your provided references is illegal. We actually stopped asking for references IIRC.
3. I dont know but dont doubt it. BUT, have a look at Fineract/MifosX: an open source loan management system. Its relatively easy to setup a lending operation using that. It's pretty comprehensive.
All in all, there are very shady app/online lending services in Mexico. But it is nothing exclusive of the internet. Way before this, you heard of lenders that would do "collections" by getting some tough guys from prison (yup, in some prisons they can get out for the day like nothing, for some cash) and knocking at the debtor's door with baseball bats, wrenches or any other hard weapon . If you didn't pay they broke your legs or worse.
That now it happens online is only the natural evolution of the shithole that is my country, unfortunately.
Similar situation on YouTube. Posting historical footage of the Apollo program nets you Copyright strikes while actual criminals can livestream crypto scams with utter impunity.
It's strange and crazy: back in 2014 I worked building what we thought was a reputable online lending platform in Mexico. We were the first online lender. And we were at least trying to do things right.
Nevertheless, Google banned us from AdWords/Adsense: we could not advertise our services even if people searched for the company name. The list of banned businesses was: porn, drug,guns and us... that's how "low" was the stance of the business we were doing.
Ff to this day it seems The Goog has seen good money in this vertical , so that it turns a blind eye to fraud.
>Last year, a Reuters investigation by Rina Chandran found dozens of lending apps in India that appeared to violate Google’s policies against short-term loans
just FYI - this is contrary to the product and the law of India. Google is not the regulator.
For example Manndeshi foundation runs 24 hour loans for women vegetable sellers - who take a loan in the morning and pay back at night.
Google Play "ethics" is US-centric. It does not take into account the realities of the local demographics. for example sub 90 day loans are illegal on Play - a lot of microfinance in India/Bangladesh is sub 90 days.
What ends up happening is demonisation of everyone not playing by Google Play's rules and gets termed as "predatory".
While there is plenty of room for doubt about micro-lending (see [1] which I hosted, by Hugh Sinclair, a guy who's actually been there in the field), I don't think it's fair to call these scams "micro-lending." Maybe they're taking advantage of the favorite PR that micro-loans get.
In the micro-lending plans that Oxfam and other legit charities back, borrowers meet in person with the lenders, and no hounding takes place. Most of them pay their loans back promptly.
However, the stories about "poor woman buys a sewing machine; lifts her family out of poverty" are mostly just feel-good PR to milk the donors. More often, they buy a stall in the market to sell produce, and there's only so many stalls the market can support.
The real scandal of micro-lending, as Hugh explains, is that the interest rates are scandalously high, and the lenders are mostly using it as a way to buy SUVs and milk the First World donors who want to feel good.
Apple does allow personal loan apps, but sets limits on interest rates and repayment deadlines (≤36% APR, ≥60 days) which effectively ban the type of app at issue here. Requesting permissions to all of the user's contacts and photos in a loan app wouldn't pass review, either, and the fact that Apple doesn't permit sideloading is an effective block against the "subway flyer" tactic.
If you are getting a quick, small loan in Mexico, you probably don't have an iPhone because they cost multiple times as much as an Android one. So, it's not worth it to make these apps for iPhone users because that demographic is totally the opposite of what you want.
More important, Apple reviews all new apps going into the App Store. One of the rules is that you're not allowed to request more permissions that what the app actually needs. A loan app requesting all this info would never fly because it won't pass the human review. Also, it would be incredibly hard, if not impossible, to reupload an app that was banned under a different name - they have automated checks for this
It's a shame because I think there is a legitment use-case for micro-lending but there needs to be regulation and enforcement. Also asking for those kind of wide permissions should trigger some kind of additional review - a scam-filled untrusted ecosystem hurts all app developers.
I wonder if this has to happen in US so that people start treating privacy as a real issue and not tinfoil hat rant type complaint. Whenever I try to engage in this conversation, 'I have nothing to hide' is a very common refrain. At that point I typically ask for their phone to rummage through. Oddly, that is the moment they hesitate. It is not ok for me to have this information, but a faceless entity connected only by an app? No problem. I fear for the human race.
This kind of scam was so rampant in Indonesia until the government took strong stance, effectively sweeping the practice across the country.
It's like Google doesn't even care about this things, in contrary they're so fast blocking and suspending app submissions that against their bottom line, like digital goods and payments methods.
Here's a question, are these shady apps necessarily worse than the village loan shark which is where the desperate turn to money otherwise? To some extent, the market for no-questions-asked risky loans is similar to gambling, drugs and prostitution, it's a perennial vice that's impossible to stamp out. Is formalizing it better than not formalizing it?
The whole microloan program has been hyped for over a decade now, but as this story shows, the outcome more often than not has been more like mafia loansharking than actual economic development under the entrepreneurial free-market model. This can be explained via the notion that "enterpreneurs without lawyers end up getting screwed over more often than not" and the people who get these microloans just can't afford to hire lawyers to protect themselves.
While it's a right-wing trope, the microloan program has been heavily promoted by the likes of the Soros-Omidyar crowd, with the typical humanitarian patina covering what's really just predatory capitalism:
"We have seen what microloans can do at the individual level and are excited about bringing that same opportunity to small and medium businesses," said Jim Bunch, Director of Investments at Omidyar Network.
Here's another expository write-up of the phenomenon, in Cambodia. Looks very similar to India, Mexico, etc.
[edit] for more on background on this global trend and its origins (2007)
> "Microcredit is the newest silver bullet for alleviating poverty. Wealthy philanthropists such as financier George Soros and eBay co-founder Pierre Omidyar are pledging hundreds of millions of dollars to the microcredit movement. Global commercial banks, such as Citigroup Inc. and Deutsche Bank AG, are establishing microfinance funds. Even people with just a few dollars to spare are going to microcredit Web sites and, with a click of the mouse, lending money to rice farmers in Ecuador and auto mechanics in Togo... Wealthy philanthropists, banks, and online donors aren’t the only ones fascinated with microcredit. The United Nations designated 2005 as the International Year of Microcredit..."
The micro loan system works fine in USA & countries that actually enforce laws against extortion. I’ve gotten close to 0% interest rate instant loans for $100- $200 with Dave, Earnin, and MoneyLion. Been in the red for many months and never received even 1 threatening phone call, text, or letter. These apps saved me in a pinch and had seemingly no downside.
One of these vulnerabilities is living in Mexico. From TFA:
"He starts getting this very, very graphic images of dismembered bodies. You know, real images probably taken from those websites that have pictures from drug dealers and the terrible things they do here in Mexico.
So he’s being sent this true, these real pictures. And of course any Mexican will immediately get very scared, very intimidating, thinking that organized crime is behind something. You don’t want to be their target. You start fearing for your life. They have your address. They have information on your children, your wife, he’s very scared."
> there has to be something about your life, true or false
There are plenty of false things that anyone can say about literally anyone, including you. If the lie is well-crafted enough, good luck defending against it.
> And another method of intimidation is they start Photoshopping the picture he sent with his ID. They start Photoshopping his picture into posters saying. like. “he’s a pedophile. He raped a minor. He’s wanted by the police.”
Who would be okay with that being said about them?
[+] [-] xtracto|3 years ago|reply
Given these blatant privacy violations, I wish mobiles had the option to "mock" data for those sensors. Share files? Sure, give access to a jail like bkank file system. Share mic? Sure, give access to a white noise generated stream, same with video/camera. Share gps? Give some mock location, etc.
That's what a privacy enabled device would do.
I wonder why hasn't this even been implemented at the browser level.
[+] [-] bornfreddy|3 years ago|reply
[+] [-] _HMCB_|3 years ago|reply
[+] [-] _piif|3 years ago|reply
https://github.com/M66B/XPrivacyLua
Requires rooted Android + Xposed though.
[+] [-] matheusmoreira|3 years ago|reply
They do. The apps ask the operating system for this data through standard APIs, we just need to override those calls in order to lie to the app.
We need to own our phones instead of allowing Google and Apple to maintain control. Rooted Android can do this but Google is bringing their attestation bullshit to their APIs and soon every app will require it because they have no reason not to.
[+] [-] josephcsible|3 years ago|reply
For all of the crazy rules Google has for the Play Store, I don't know why they don't have one against this.
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] biggerChris|3 years ago|reply
[+] [-] User23|3 years ago|reply
[+] [-] leaflets2|3 years ago|reply
[+] [-] airtonix|3 years ago|reply
[+] [-] nixcraft|3 years ago|reply
[1]https://www.bbc.com/news/business-61564038
[+] [-] jimmaswell|3 years ago|reply
2. Set up a fake Google account, nudes from Google image search, and scammer numbers as contacts
3. Take these loans and wipe the phone or let them "hack" the worthless phone
4. Profit as these people being out of reach of the police goes both ways?
[+] [-] kumarm|3 years ago|reply
Most of loan apps require users to download APK and side load them. Google play removed a number of them from Play app store.
What is the role of Google here? Make it harder to side load apps in countries like India? I would think it raises more issues than it solves.
[+] [-] vishnugupta|3 years ago|reply
Enforcement Directorate (ED) of India in a span of one week has frozen bank accounts of two crypto companies on the charges that Chinese lending apps were using them to move the money out of India. First WazirX[1] a popular exchange and then Vauld[2].
[1] https://bit.ly/3PrKk5g [2] https://bit.ly/3djQ9V2
[+] [-] klabb3|3 years ago|reply
They said this about Mexico as well, but this doesn't ring true. Even if the microfinance market is unregulated, extortion, death threats and harassment must surely be serious crimes. Perhaps the issue is enforcement? I assume the app operators obfuscate their ownership and ops, but a even a minimally functional major crimes unit must at least be able to catch the worst offenders, no? Or at the very least just have Google/Apple disable the apps.
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] spaceman_2020|3 years ago|reply
The number of scammy, scummy app based lenders was getting out of control.
[+] [-] nikanj|3 years ago|reply
[+] [-] donohoe|3 years ago|reply
Troubling, unethical, illegal stuff.
[+] [-] api|3 years ago|reply
[+] [-] fzfaa|3 years ago|reply
[+] [-] Biologist123|3 years ago|reply
1. The loan interest rate is set relative to a base default rate of a population sample of lenders. Therefore very easy to predict capital return, but means interest rates are usually high to cover high rate of defaults.
2. Defaulting loans are sold to local debt collectors for collection, who presumably are quite ruthless.
3. There are a few companies which white label the software needed to run this sort of scheme, so presumably the operator only has to drop in capital.
If you have further information on how these businesses work, please respond!
[+] [-] xtracto|3 years ago|reply
1. This is a real problem in Mexico: people complain about high interest rates. However, for these kind of bullet loans , you see 30% of default in the FIRST loan. And back when we were starting on 2013-14 we had up to 70% of default due to fraud.
So, with around 30% 1st default and about 15% 2nd default, we created revenue models that considered that, CAC, cost of funds and opex to define the interest rate... that very high APR really was not making people rich overnight.
See, one problem in Mexico is that defaulting in a loan is not a crime, so theres legally NOTHING a lender can do to make you pay if you decide not to. The only repercussion is that you Credit Buro gets tainted, for 6 years. I've read of people that get a $100,000MXN loan and then just change phones, move apartments and wait for 6 years to clean their credit buro.
2. Default loans deffinitely are sold, for cents to the peso. But usually only the ones that are very old. Now, there are different types of collection agencies. Where I worked, we tried to he very reputable so we only chose the least shady ones. But in reality the only thing they could do is call you. Even calling your provided references is illegal. We actually stopped asking for references IIRC.
3. I dont know but dont doubt it. BUT, have a look at Fineract/MifosX: an open source loan management system. Its relatively easy to setup a lending operation using that. It's pretty comprehensive.
All in all, there are very shady app/online lending services in Mexico. But it is nothing exclusive of the internet. Way before this, you heard of lenders that would do "collections" by getting some tough guys from prison (yup, in some prisons they can get out for the day like nothing, for some cash) and knocking at the debtor's door with baseball bats, wrenches or any other hard weapon . If you didn't pay they broke your legs or worse.
That now it happens online is only the natural evolution of the shithole that is my country, unfortunately.
[+] [-] josephcsible|3 years ago|reply
[+] [-] tjpnz|3 years ago|reply
[+] [-] xtracto|3 years ago|reply
Nevertheless, Google banned us from AdWords/Adsense: we could not advertise our services even if people searched for the company name. The list of banned businesses was: porn, drug,guns and us... that's how "low" was the stance of the business we were doing.
Ff to this day it seems The Goog has seen good money in this vertical , so that it turns a blind eye to fraud.
[+] [-] fzfaa|3 years ago|reply
[+] [-] sandGorgon|3 years ago|reply
just FYI - this is contrary to the product and the law of India. Google is not the regulator.
For example Manndeshi foundation runs 24 hour loans for women vegetable sellers - who take a loan in the morning and pay back at night.
Google Play "ethics" is US-centric. It does not take into account the realities of the local demographics. for example sub 90 day loans are illegal on Play - a lot of microfinance in India/Bangladesh is sub 90 days.
What ends up happening is demonisation of everyone not playing by Google Play's rules and gets termed as "predatory".
[+] [-] AlbertCory|3 years ago|reply
In the micro-lending plans that Oxfam and other legit charities back, borrowers meet in person with the lenders, and no hounding takes place. Most of them pay their loans back promptly.
However, the stories about "poor woman buys a sewing machine; lifts her family out of poverty" are mostly just feel-good PR to milk the donors. More often, they buy a stall in the market to sell produce, and there's only so many stalls the market can support.
The real scandal of micro-lending, as Hugh explains, is that the interest rates are scandalously high, and the lenders are mostly using it as a way to buy SUVs and milk the First World donors who want to feel good.
These scams are not "micro-lending."
[1] https://www.youtube.com/watch?v=rhdZ2RfmiXo
[+] [-] lupire|3 years ago|reply
[+] [-] syntaxing|3 years ago|reply
[+] [-] duskwuff|3 years ago|reply
[+] [-] netr0ute|3 years ago|reply
[+] [-] kioleanu|3 years ago|reply
[+] [-] siliconc0w|3 years ago|reply
[+] [-] A4ET8a8uTh0|3 years ago|reply
[+] [-] leach|3 years ago|reply
Really have to just stay frosty all the time now.
[+] [-] CharlesW|3 years ago|reply
[+] [-] wejick|3 years ago|reply
[+] [-] InfiniteRand|3 years ago|reply
[+] [-] photochemsyn|3 years ago|reply
While it's a right-wing trope, the microloan program has been heavily promoted by the likes of the Soros-Omidyar crowd, with the typical humanitarian patina covering what's really just predatory capitalism:
"We have seen what microloans can do at the individual level and are excited about bringing that same opportunity to small and medium businesses," said Jim Bunch, Director of Investments at Omidyar Network.
Here's another expository write-up of the phenomenon, in Cambodia. Looks very similar to India, Mexico, etc.
https://www.aljazeera.com/economy/2019/8/6/cambodias-micro-l...
[edit] for more on background on this global trend and its origins (2007)
> "Microcredit is the newest silver bullet for alleviating poverty. Wealthy philanthropists such as financier George Soros and eBay co-founder Pierre Omidyar are pledging hundreds of millions of dollars to the microcredit movement. Global commercial banks, such as Citigroup Inc. and Deutsche Bank AG, are establishing microfinance funds. Even people with just a few dollars to spare are going to microcredit Web sites and, with a click of the mouse, lending money to rice farmers in Ecuador and auto mechanics in Togo... Wealthy philanthropists, banks, and online donors aren’t the only ones fascinated with microcredit. The United Nations designated 2005 as the International Year of Microcredit..."
https://ssir.org/articles/entry/microfinance_misses_its_mark
[+] [-] unknownaccount|3 years ago|reply
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] AlbertCory|3 years ago|reply
The Grameen Bank in Bangladesh was first publicized in the West 20 years ago.
It also isn't "predatory capitalism." Rather, it's NGO-ism. It's charitable donations from liberal-minded people that drive it.
[+] [-] londons_explore|3 years ago|reply
I was thinking, and I don't think there is anything that I wouldn't want said to my friends or family.
Everything that could be said is either plainly untrue, or wouldn't sufficiently bother me to change my behaviour.
I wonder how other people get into positions where this isn't the case for them?
[+] [-] npteljes|3 years ago|reply
"He starts getting this very, very graphic images of dismembered bodies. You know, real images probably taken from those websites that have pictures from drug dealers and the terrible things they do here in Mexico.
So he’s being sent this true, these real pictures. And of course any Mexican will immediately get very scared, very intimidating, thinking that organized crime is behind something. You don’t want to be their target. You start fearing for your life. They have your address. They have information on your children, your wife, he’s very scared."
[+] [-] pdntspa|3 years ago|reply
There are plenty of false things that anyone can say about literally anyone, including you. If the lie is well-crafted enough, good luck defending against it.
[+] [-] josephcsible|3 years ago|reply
> And another method of intimidation is they start Photoshopping the picture he sent with his ID. They start Photoshopping his picture into posters saying. like. “he’s a pedophile. He raped a minor. He’s wanted by the police.”
Who would be okay with that being said about them?
[+] [-] dymk|3 years ago|reply