Ally Financial has quietly begun using location capture technology from Google.
We believe that Ally is the first major bank in the US to do so.
About two weeks ago, Ally turned on a new ATM locator application on Ally.com. The application allows consumers to find Ally ATMs nationwide, as well as locations where Ally offers cash back on retail purchases.
But tucked into this application is the use of the Google Chrome locator technology. When visiting the site through the Google Chrome browser, visitors are informed before using the app that “www.ally.com wants to track your physical location.” The visitor can “allow” or “deny” Ally.com that access.
Ally does not request such access of visitors to its website via Internet Explorer.
SCREENSHOT OF ALLY.COM REQUESTING PERMISSION TO TRACK SITE VISITORS
The location sharing technology comes from Google, which explains the technology as follows:
Some sites can use your location information to personalize the information they show you. For example, if you share your location with a site that specializes in restaurant reviews, the site can fine-tune its display and show reviews for restaurants near you. You have full control over whether you share your location with sites.
Google Chrome never shares your location without your permission. By default, whenever you’re on a site that wants to use your location information, Google Chrome alerts you by showing you a prompt at the top of the page. Your location — determined by nearby wireless access points and your computer’s IP address — is sent to the site only if you click Allow in the prompt.
If you agree to share your location with the site, [an] icon appears in the address bar to remind you that you’ve permitted the site — or something embedded in the site, such as a map — to access your location.
To be sure, Google is making more than cursory data available to third parties. Officially, “sites that you visit using Google Chrome will automatically receive standard log information similar to that received by Google. These sites may also set their own cookies or store site data on your machine.”
Google adds that the data coming via its location-sharing feature is even more robust. According to official Google policy:
If you choose to use Google Chrome’s location feature, this service allows you to share your location with a site. We will not allow a site to access your location without your permission. If the site is a non-Google website, we do not have control over the website or its privacy practices. Please carefully consider any website’s privacy practices before consenting to share your location with that website.
We have not seen any other major financial institution in the US use this location technology. It should be noted that non-Ally customers are also asked for permission to be tracked.
We’ve asked Ally how many visitors are allowing the bank to use the location technology. We’re waiting for an answer.
Here’s how Ally describes its usage of the location technology:
Ally Bank is not tracking customer locations through its ATM and Cash Back Locator tool. Certain browsers, including Google Chrome and Firefox have location capture technology that asks the website visitor if they would like to share their location with the sites they visit. If a visitor permits the browser to share this information on the Ally Bank site, it is only used to populate a search field in the ATM locator tool, at the request of the site visitor. Ally Bank does not keep track of, collect, or store this information. If a visitor does not permit the browser to track this information on the Ally Bank site, the visitor can still utilize the ATM locator tool by manually inputting the address, city and state or zip code.
Several banks already track consumers’ locations via mobile banking applications. Last April, we conducted a survey on location technology usage by the largest banks, and found that of those banks that do use location technology, did not match locations to particular customers. That appears to be the case with Ally, too.