In the era of big data, the information that aggregates an individual's current credit worthiness is increasingly being emphasized by various industries, and the value behind it is incalculable. At present, commercial banks and various financial institutions are increasingly extending their business to the Internet. Compared to the traditional offline face-to-face communication with customers, commercial banks and various financial institutions are now more likely to use data products provided by credit and big data service organizations to assist in designing and carrying out innovative Internet businesses. For example, through the individual's social, consumption and behavioral data for personal identity portrait, credit assessment and so on. However, whether it is personal credit information or report products, as it involves personal privacy, according to the "Regulations on the Administration of the Credit Collection Industry", the collection of personal information shall be subject to the consent of the subject of the information except for personal information disclosed in accordance with the law and shall not be collected without such consent; except as otherwise provided for by the law, if others inquire about personal information from the credit collection agency, it shall obtain the written consent of the subject of the information himself/herself and agree on the purpose, and the credit collection agency shall not provide personal information in violation of the regulations. shall not provide personal information in violation of the regulations. Therefore, if a financial or credit collection agency needs to collect or view personal credit data, it must obtain an authorization signed by the financial consumer himself. However, in reality, there are quite a few problems with credit authorization, such as: some financial institutions have designed ambiguous authorization clauses without defining the scope of authorization and the time limit, and there is a situation where one authorization is given for multiple or unlimited use; when signing authorization forms online, most people often click "Agree to the Agreement" without checking the content of the authorization in detail due to the lack of understanding of the authorization; when disputes arise, the authorization form must be signed by the financial consumer himself or herself. When disputes arise, regulatory agencies and public security authorities need to identify the authorization, but there is a lack of effective means of identification to confirm whether the authorization was signed by the financial consumer himself or herself at the time of the business. At present, the state's protection of personal information is increasing, especially with the implementation of the Cybersecurity Law, financial, credit and data service organizations are likely to be held legally liable if they fail to protect the user's right to know and consent in the process of personal data collection and use. How to effectively safeguard the security of personal information and collect and use relevant information in a lawful and compliant manner under the premise of enjoying the dividends of the big data era has become an issue that practitioners urgently need to address. In response to the current authorization and collection of personal data, the introduction of fintech to help them move towards compliance is a good idea. In the near future, a data information subject electronic authorization product developed by the third-party electronic certification authority China Financial Certification Center (CFCA) - "Safe Authorization" will soon be online, which can provide the following services for relevant institutions in obtaining authorization for users' credit inquiries, legitimate and compliant use of user information. The product can provide the following assistance to relevant institutions in obtaining users' credit inquiry authorization and legally using users' information in a compliant manner: based on electronic authentication, FIDO biometrics and other technologies, the product realizes the authentication of users' identity and the electronic signature of the authorization letter, which can play a role in resisting repudiation, preventing tampering and forging, and guaranteeing the authenticity, completeness and confidentiality of the authorization letter content, and conforms to the legal norms of our country's "Contract Law," "Electronic Signature Law," "Network Security Law" and the "Credit Collection Industry Management Regulations" and other laws. Legal norms, the signed electronic authorization and the traditional paper authorization have the same legal effect, for the electronic authorization of the signatory and the use of the party to provide perfect judicial protection.

"Peace of mind authorization" electronic authorization can verify the true validity of the user's signature

Adopting the principle of "one authorization for one thing", i.e., for a specific purpose, obtaining a proprietary authorization at a specific time and confirming the time of authorization through the issuance of a scene certificate or the stamping of an electronic time-stamp. Add an electronic time stamp to confirm the authorization time, to avoid the emergence of a single authorization, but was repeated, many times, unlimited use of the situation.　　For individual users, if the relevant organizations use the "Safe Authorization" platform to let them sign the electronic authorization, the user will receive a prompt of cell phone verification code before signing, which protects their right to know. Once there is an authorization dispute afterwards, "Safe Authorization" can also issue "Digital Signature Verification Report" and other electronic evidence for the parties to use as judicial evidence.　　The form of electronic authorization adopted by "Safe Authorization" is in line with the application and regulatory needs in the era of big data, and can be widely used in big data information query scenarios. In the long run, in addition to financial and credit bureaus, all industries related to the use of data services can adopt this approach to ensure the standardized query, collection and use of personal information.