Skip to content


  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page

Insurtech: balancing personalisation with privacy

The shift from reactive to proactive business models, enabled by technology and data, drives the rise of InsurTech. But the industry must also consider the wider societal implications of personalised risk data.

The insurance industry is undergoing a transformation driven by technology, data and changing customer expectations. Although the insurance industry has significant barriers to entry and has been slow to change, we expect radical disruptive innovation both from new entrants and the established players within the financial services industry. The rise of InsurTech is driven by the shift from reactive to proactive business models enabled by technology and data.

Changes in distribution models and insurance products are mainly driven by customers, who now expect a more personalised and cost-efficient insurance product. Data driven personalisation allows insurers for the first time to have detailed knowledge about their customers rather than solely relying on actuarial statistics. The technology now exists to allow insurers to assess and price the risk of each individual customer. This can be a boon for customers, driving down individual prices and rewarding good behaviour.

Yet, with personalised insurance products comes a dilemma - the ability to price risk individually comes at the cost of privacy. When it comes to things like car insurance, the trade-off may be easy to assess. However, when it comes to medical data and insurance, privacy is a larger issue.

How will ethical data issues be solved when customers also demand a cost-efficient and personalised insurance product? If insurers have legal access to personal data, they will use it. We see this already today, when, for example, speeding ticket records or historical health data is factored into risk profiling and underwriting, impacting car or medical insurance premiums and policy conditions. So, who will be the future guardian of customer’s privacy – insurers or regulators?

The power of data to create value for everyone
Insurers today can collect increasing amounts of data about their customers. Using data on customers’ buying behaviours enables insurers to suggest appropriate products and tailor their offerings to better serve customers, increase satisfaction and grow loyalty.

In parallel, there are new digital insurance channels emerging, which can help minimise risk. Big data analytics and artificial intelligence (AI) software have given insurers the opportunity to improve their underwriting, pricing and risk selection processes by using predictive modelling analytics to proactively prevent accidents and hence reduce claims. The development of AI technologies can optimise customer engagement based on preference and different success metrics in real time. The aim is to keep track of customers’ constantly changing preferences.

Technology is therefore enabling companies to go from being reactive to proactive insurance providers. This change and development is not limited to the insurance industry. The same trends can be seen within the travel and financial services industry, for example.

The Internet of Things (IoT), such as smartwatches and wearables, give insurers growing access to data and therefore opportunities. This data allows insurers to monitor behaviours, predict accidents and reduce customers’ risk premiums. Paydrive, Greater Than and Folksam are some of the many Nordic companies using new technologies to lower premiums, enhance risk assessment and innovate within the property and casualty category to win over customers.

Greater Than has created an AI platform called Enerfy to help car insurance companies quantify driver risk¹. Enerfy uses vast amounts of driving data, equivalent to driving round the planet more than 54,000 times, to find links between driving patterns, road safety and fuel efficiency. Greater Than’s platform has been used by Moderna Försäkringar in Sweden and Tryg Forsikring A/S in Denmark. Liselott Johansson, CEO of Greater Than, argues that motor insurance customers have had a tough time understanding why their policies were priced in a certain way. Customers have felt that there was little opportunity for them to affect their policies, regardless of their risk profile. According to Liselott, traditional motor policies are set up so the less risky 80 per cent of policyholders pay too much in relation to the most risk-prone 20 per cent segment of drivers.

Paydrive is another example of a new player in insurance². As a client, you plug in a ‘car box’ that monitors your driving. Folksam, Sweden’s largest life insurance company3, offers a biometric car insurance solution where you can earn up to 20 per cent off your insurance.

AI-driven connected car platforms, which many insurers offer motorists today, incentivise drivers to be more safe and follow insurers’ ‘pay-as-you-drive instructions’. By engaging and making customers more aware, both customer premiums and insurer cost claims can be lowered. For society at large, this type of insurance could drive a total decrease in auto risk. So, it’s in the interest of both customers and providers to find ways to prevent injuries and be proactive. The same logic applies to life insurance, where IoT devices, such as health trackers, can promote a healthy lifestyle.

When do we cross the moral demarcation line?
These new insurance products imply a much closer relationship between insurers and customers. In the case of car insurance, the motorist will always be aware of their driving behaviour thanks to the AI-driven connected car platform. On the positive side, this is excellent for changing behaviour and rewarding low risk driving. Perhaps negatively, customers are constantly monitored when they’re in their car, which may violate customer privacy.

While insurance companies will be most interested in data that affects driving behaviour, ancillary personal data will also be collected about where and when customers drive. It would be easy to infer much about a customer’s personal habits that may have no relation to their driving risk. Customers must therefore be comfortable with the thought that they are allowing their insurers to collect a range of personal data. With access to data comes responsibility. Insurers, customers and regulators will have to agree on where lines are drawn in terms of what personal data is collected, for what purpose and how it will be used, stored and terminated. Customers may appreciate a data-driven policy if it means their premium is lowered. But what if it turns out that you’re driving ‘worse’ than the average driver and the premium increases? Or if your risk profile is changed, limiting your policy coverage? Or if your data is sold to other organisations and used to send you junk mail? It’s easy to see a conflict between price/risk efficiency and customer privacy. New data privacy regulation, such as GDPR, is addressing some parts of this issue, but not all.

Looking at health insurance, we see opportunities to help customers make better lifestyle choices and lower health costs. Today, several health insurers send their policyholders personal health data as an incentive to live a healthier and more active life. Often, health data information is tracked by policyholders using smartwatches or other wearables. Further, customers are getting feedback on their lifestyle, which is directly linked to their premiums. One example of this is Oscar⁴, a digital health insurance company in the United States. Customers who track their steps using an app connected to Oscar get cash rewards when they hit their goals. While this kind of tracking may be relatively benign, not everyone will want to share their steps, pulse or other medical data every minute of the day. Furthermore, the process needs to be governed to verify that it’s the policy holder using the smart device and not the policyholder’s dog, for example. Fraud is already a major issue for insurers, a burden often pushed onto customers’ premiums, and the development of IoT in insurance could easily trigger a new wave of attempts.

Today, the insurance industry is focusing on the positive aspects of IoT and behaviour nudging. But as both medical and computing technology advance, it’s easy to imagine a world where insurance companies know everything about our daily activities. They could monitor our eating, drinking and smoking via our purchasing patterns, and even have predictive data on our genetics. This allows personalisation but has serious implications for privacy. Beyond the privacy issues, the extent of personal data fundamentally changes the purpose and business of insurance, which has traditionally been to price unknowable personal risk using aggregate data. The purpose of medical insurance on a societal level is to provide a subsidy from those who have few health issues to those who have more health issues. While some health problems are due to personal behaviour, others are due to the genetic lottery. Should customers have to pay more due to increased risk from genetic factors? These ethical questions must now be considered anew. Society must weigh fair outcomes for the individual against society at large and be aware of potential unintended consequence to this fundamental industry shift.

Insurers need to think through their business models. Moving premiums from the healthy and good drivers to the unhealthy and bad drivers won’t change anything. But improving general health and driving behaviours will. Regardless of these concerns and whether incumbent insurers are ready to cope with customers’ new expectations, they will need to deliver services through the latest technology and offer cost savings. Otherwise, they might lose their existing and future policyholders to nimbler, tech-savvy start-ups. Insurers, customers and regulators will need to decide to what extent sharing personal data decides the price policyholders will pay, and how comfortable they are sacrificing privacy for personalisation.

Explore further insights on InsurTech and RegTech in our latest publication Next Wave of FinTech

Find out more

Contact the author

Contact the financial services team

Gavin Neilson

Gavin Neilson

Celia Larkin

Celia Larkin

Scott Paton

Scott Paton

Jason Hill

Jason Hill