It is a very common phenomenon these days that People trust websites and rely on them to find their perfect match and true love however the lesser know fact is the way in which these sites make money out of these innocent victims.
Let me help you get a clarity on these facts and how you are robbed of your own identity by allowing these sites to use your Pictures.
I am an ex-employee of an agency based in India that works for “LOVOO GMBH”. Aka “Lovoo dating” or “LOVOO - People like you ( www.lovoo.com )”.
Since the past 6 months I and my colleagues worked for this agency based in Surat, Gujarat, India. There is no other project that we work on. Our job is to check and verify images uploaded by the users of Lovoo for any possible stock images( images available on Google or internet in general ) or so.
WHAT THE PROCESS IS AND HOW IT WORKS
Having said this, it is from the past few months that we noticed that Lovoo has compromised on its standards of verification and has created a different segment on its site to permit stock or so to say stolen images on its websites under the name of NON-PROFILE images that come to us as FEED images. There are 2 sections under which the new pictures come for verification. I.E. PROFILE AND FEED. There was a time when these images were not allowed at all and were deleted or marked as stolen.
When we work on Profile we only get pictures uploaded as profile however in FEED everything is approved ( as stated earlier ).
How this effects the user of LOVOO:
• Any person interested in chatting of being friends with another person actually does not see the real picture of he/she however in most likely cases sees a stock image. This is mostly the case as spammers do not upload their images and use FEED mostly.
• A person may fall prey to some spammer by seeing his or her picture which in fact is nothing but a stolen image of someone else as that is no longer being tagged as stolen or deleted since it comes as FEED picture.
• The only tool that Lovoo has permitted or prefers to be used by agency is ‘Search by image’ and that is not precise as even a little bit of editing on any stock image will not reap any results in ‘search by image’.
How this benefits LOVOO:
• The sole and the primary reason for LOVOO to create a FEED section is so that they can have more users who can maybe use stock images and add to the pile of member counts as compared to the actual number. At this point it is imperative to mention that the actual count ratio of men to women users of Lovoo is 10:1. Also a major female population is either bots, ESCORTS, spammers or fake profiles created by Lovoo marketing team. In very few rare cases only do you find a genuine lady seeking a single male.
• With this Feed Section now even LOVOO can create fake profiles and send luring friend request or chat request in other words ‘BOT’ request asking users to shell money and buy credits. These credits are then used by the same users on these fake ‘BOT’ profile and that’s how LOVOO generates more revenue.
DAY IN and DAY OUT you receive notifications on your registered email from these fake BOT profiles who actually never respond to you once you have purchased credits. Till the time you do not buy credit, there are very high chances of you getting these mails almost every day and at around the same time.
All this is just one side of the coin.
Now the interesting part and how an IDENTITY theft can occur:
As mentioned there are agencies that work for Lovoo and our’s was one such agency. In our agency QSS we have
• zero employee verification or back ground check process.
• Anyone from any background can come in and start working as they are always in deficit of team members. Constant attrition of employees is the reason why there is no background check or verification done.
• No ‘IT’ or ‘HR’ Team to monitor violations or internet use or policy breaches.
• Lovoo has never checked the genuineness of any employee with its outsourcing agency so if a team member by the name of SAMIR or PREM is working on a shift of QSS then that person could be anyone. It could be a Joe, John or any Tom Dick and Harry as Lovoo is not kept in the loop neither is any employee data shared with Lovoo. Once an ID and password for login is created by LOVOO, it is deemed that the user of that id and password or the employee will go on with the agency forever and ever.
• No secured servers internally in the agency. In all we have only 12 computers on the production floor. All of which are rental ones. Any and All of the data is easily available on the main PC (the 12th one and so-called server cause it has a larger HDD ) hard drive. This data is easily available to be mailed across to anyone as there is no Internet access restrictions, Firewalls, website restrictions or social media restriction. Mails from any mail box or even for that matter cloud drives can be accessed and this data can be stored anywhere. So DATA SECURITY parameters are NONE.
• There is no data security as such. Any one and every once can use as USB pen drive and upload download data from any PC
• Our PC’s are rented through an agency and these PC’s run down frequently. So in a case when our PC’s go for repairs, so does the data and images too and there is a very high chance of user images going out of office premise frequently.
• The backend site URL works on mobile phones and when we need an emergency off we are asked to work from home or internet cafe’s to achieve productivity and fulfill targets as our competitor agency is a bigger team and we cannot fall back.
There is no Quality check as such from our agency QSS whatsoever. There is a weekly dump file created and maintained which has random and imaginative data with errors so that if Lovoo wants, this file can be sent.
QC From Lovoo Side
There is a set guideline according to which images or uploaded pictures in other words need to be checked. Now Lovoo does a QC on and off once in a while and sometimes on quarterly basis as they are short of QC staff. There is no stated timeframe as such for this QC check.
Now a trained agent usually achieves 12000+ count on a daily basis with atlest 5% error rate so if you look at it in numbers it is a minimum of 600 errors. These can be any errors right from stock images to restricted photos. Thats how the verification is done.
There is one more aspect in verification PROCESS
Whenever a user of Lovoo uploads his picture with a code verification he is entitled to get free credits and he can then chat with any one. Also another major privilege he gets is that his profile shows as ‘VERIFIED’ in other words, TRUSTED. These types of users are usually the one’s whose friendship and chat requests are preferred more. Now if someone gets verified wrongly then that person stands the chance to misuse most of the other users data, photos and chat logs.
According to the contract an agency has to be careful with the below mentioned points as they are the most critical aspects. However in this case LOVOO takes least responsibility as long as their work is done. They do not have any parameters for data security whatsoever. Below mentions are some key aspects of the contract points.
THE AGENCY WILL NOT KEEP ANY FILES LOCALLY - LOVOO WILL HAVE COMPLETE ACCESS TO THE AGENCY DATABASE - THE CONTRACTOR WILL NOTIFY THE COMPANY ABOUT ANY DATA BREACH OR DATA STORAGE - THE CONTRACTOR WILL TRAIN AND FAMILIARIZE IT'S EMPLOYEES WITH DATA SECRECY.
Now the above mentioned points are from a document signed between our agency and Lovoo however adherence to these points is ZERO. THESE ARE BASIC ASPECTS THAT NEED TO BE ADHERED TO AS PER GERMAN GOVERNMENT LAWS WHICH LOVOO AND ITS AGENCY QSS FAIL ON DRASTICALLY. THERE is absolutely no DATA Protection whatsoever. Secondly there are many agents of our agency who have left and gone some place else however our Ops Head and CEO does not inform LOVOO of any such resignations and just continues using the Ex-employees ID and hand it over to someone else. This is merely for the fact that Lovoo may deem our agency unstable and stop working with us. Also there is a clause in this LEGAL doc that states that we cannot have copies of any such pictures however we have a stock of over 80000 + picture of actual users and thousands of spammer or stock images. For obvious reasons I cannot share all of them here. These images can be used as profile images for anyone on any social media site and can be misused in the worst possible manner. We have recently worked on over half a million profile pictures as it was Christmas and new year time. Our agency saved a whole lot of new images and were sold off at a very high rate to buyers from various agencies who use these pictures for various reasons.
There are a lot of genuine users and these are most prone to being misused by spammers as actual pictures are hard to find on the internet. Also there are candid moments of people sharing things and fun with their family and kids in specific that they share here. Not knowing the misuse that happens after they upload such pics. There are sites and agencies that buy such pictures and lure Back-office staff employee to give other relevant details so that it can be misused. By the way we also get the names and ages of the users that we verify. So in all we get the NAME, AGE, LOCATION and PICTURE. The most vital details for anyone.
This dating site is not as safeguarded or privacy based as a FACEBOOK or GOOGLE PLUS. THIS site has outsourced its backoffice process to an agency that works for $400 to $600 per agent and these agents actually get INR 8000 to 10000 which makes them easy targets to sell this sensitive data to the right bidder. The profit for the agency management is not in working for Lovoo but the real icing on the cake is selling these images and the revenue that generates with that sale. For the simple fact that their monthly wages are close to $150 -$200 and the rest is agency profit so for them an extra added income is the best source to cover up when they have these kind of projects. A company that buys such data gets the picture, name, age and Location of the person so its a complete package for them. Thats where the privacy clause of Lovoo and the one they make to its users goes for a toss. When we escalated these issues to our management, we were told to mind our business hence we decided to hand over these details to media and news agencies across Europe and America so that innocent users of this site can be safeguarded from spammers and misuse of their personal photos and pics could be stopped. THIS BLOG IS FOR USERS OF LOVOO To know how vulnerable their details and Pictures are. We hope that they understand the aftermath of an identity theft and the impact of sensitive pictures being misused.
The claims that Mr.Benjamin Bak made in an interview last year ( http://www.gruenderszene.de/allgemein/benjamin-bak-lovoo-interview-2015 ) that they have a fake profile prevention team is nothing but a farce and that team he refers to is actually the one here in India. This team infact is the root cause of a big scam that's coming very soon.