Krowd is an app that connects people together based on geography; that is, if they are at the same place at the same time. Users sign into the app using the local WiFi, identify themselves by username, and are placed immediately in a group chat comprising anyone else at the location who has signed into the app.

An enhancement of the Krowd app, known as Krowdsafe, leverages the technology to achieve and promote security and safety. Specifically, Krowdsafe enables users to interact directly with security personnel at a public place to report any crimes or security infractions and to enable rapid response. Think of it as “crowdsourcing” security – the app provides more eyes and ears to keep a venue safer. In effect, it enables each of its users to be an extension of the security presence at a venue or event. Krowdsafe improves crowd resilience.

“Crowdsourcing” security – the app provides more eyes and ears to keep a venue safer 

Krowdsafe security app

Krowdsafe also opens a channel of communication for the security team to provide ad-hoc security information reminders or messages. Krowdsafe can be used at a variety of venues, including stadiums, transport hubs, office blocks, retail malls, college campus and major events organizers.

The app does not access identities, violate privacy, or track the movements of users. Other app users only know the information fellow users disclose. Still, group chats, one-on-one engagement, and other social media interactions can ensue, whether about a favorite soccer team or the excitement of a rock concert. The system fosters digital engagement that centers around a physical space. Krowdsafe applies those capabilities to promoting better security.

Enhancing crowd safety and management

The elements of Krowdsafe beat out 67 competitors to win the Defense & Security Accelerator Competition to Innovate Crowd Safety, launched by the UK Home office after terror events in 2017. Key areas of interest in the competition were to improve the detection of threats from explosives and weapons within a range of crowded places with high footfall and so reduce the chance of future attacks. Krowdsafe provides a prioritized, readily accessible and simple way for members of a crowd to communicate with a security team charged with keeping them safe. The £250,000 government award has helped the product move forward commercially at a faster pace.

Krowdsafe also opens a channel of communication for the security team to provide ad-hoc security information reminders or messages.
Krowdsafe app does not access identities, violate privacy, or track the movements of users

Krowdsafe users can tap a red button, prominent on the Krowd app, that says “Report.” They may then choose from a listing of common threat types – from suspicious activity or unattended activity to medical emergency or fire services. The list is configurable by venue and corresponds to any specific threat models.

The list corresponds to the nature of any situation security wants to address, such as “anti-social behavior” at a soccer game. Users in the crowd can anonymously report racist chanting, for example. In a children’s sporting event, the app can be used to facilitate lost-and-found children. If a child gets lost, a user can share a photo with the security team, who can alert the “public” (other Krowdsafe users) and find the child within minutes or seconds.

Encrypted identifier code

A user taps the “Report” button, selects an issue, and an alert goes directly to the security team

A user taps the “Report” button, selects an issue, and an alert goes directly to the security team, who can respond because they have the encrypted identifier code from which the message came. For that point, the security team communicates one-on-one with the user, who can then choose to share their current location with the security team to facilitate response. (The “legitimate interest” of knowing the location negates any privacy concerns.) Once location is enabled, the security team can follow the precise positioning of threats on a map, using GPS and other technologies, or even on a three-dimensional digital map of a multi-story building.

Another security benefit of Krowdsafe is prevention. Event organizers and venue managers can promote the use of Krowdsafe on posters or in announcements throughout the venue. Additional eyes and ears are the equivalent of CCTV coverage on every inch of a venue and use of the system makes the environment more hostile to mischievous, malicious and/or terrorist activity. In effect, bad guys will go somewhere else.

Enhancement to Krowd app

Krowdsafe is an enhancement to the Krowd app, which has been around for a couple of years and is available in app stores for iOS and Android. The app approximates in the digital world the experience of being a stranger in the crowd in the real world. Users can join a conversation based on their username, and then disclose to the crowd whatever they wish (or not). Event managers/organizers can promote hashtags to help identify others in the crowd (such as #ManUnited to identify fans of the same soccer team). In general, users can identify themselves (voluntarily) according to common interests using hashtags.

 “Krowd is a group chat that connects people together at the same place at the same time in a group, but without anyone having to disclose personal information,” says Geoff Revill, Managing Director, Krowdthink Ltd. “You have a digital presence in the same place with other people at the same time.

Wireless connectivity

Users connect initially into the system through WiFi, access to which serves to approximate presence at a venue

Users connect initially into the system through WiFi, access to which serves to approximate presence at a venue. Once someone signs in, information about them is merely a grouping of “hash” numbers, which are used to identify them as they communicate with others in the location. However, the “hashing” cannot be hacked to find a user’s location, thus ensuring greater privacy.

Because Krowd does not collect personal data (which is a revenue source for most social media companies), the company generates revenue by providing the service to venue owners who wish to interact with and manage a crowd.

Data security

Location data is considered sensitive under General Data Protection Regulation (GDPR), and tracking locations can help to identify where someone lives, works, who they associate with, etc. By not tracking location, Krowd avoids the related privacy issues. After initially signing in on WiFi, Krowd communications can also use 2G, 3G and other cellular networks in addition to WiFi.

Addressing privacy concerns is essential to encouraging involvement in the Krowd app, and in Krowdsafe. “If you want people to participate in keeping the crowd safe, you have to get their trust and respect them, that’s a building block behind the behavioral science,” says Revill.

Location data is considered sensitive under GDPR, and tracking locations can help to identify where someone lives, works, who they associate with, etc.
By not tracking location, Krowd avoids the related privacy issues

Privacy protection

Because Krowd users remain anonymous (except for the information they choose to share), user data is not collected (and/or sold or used for future marketing purposes). Krowd’s paying customers are event venues and public places that provide the Krowd service and can promote their commercial messages or provide other information to their populations while on site.

Krowdsafe can provide immediate security benefits to a venue. Even if only 25 staff members use the app in a given location, for example, that’s 25 more sets of eyes and ears to help the security department. In a retail mall, if the staffs of 200 tenant businesses use the app, that’s another 500 or so people watching out for security. Among the general public, use of the app can be promoted in customer newsletters, or by posting group discussions on big screens around a venue.

Wide marketing scope

It enables members of a crowd to report any broken doors, water leaks or blocked toilets

Security is a secondary benefit for some Krowd users, who are drawn to the app because of marketing opportunities, such as the ability to provide discounts or promotional offers to customers while they are on site. The app also encourages social media interaction, while maintaining the venue’s ability to “manage” the crowd by moderating any discussions.

The Krowd app also provides management benefits to a venue. For example, it enables members of a crowd to report any broken doors, water leaks or blocked toilets. In general, the app helps to promote a better brand experience for the customer.

Incident management

One of the UK government’s concerns about Krowdsafe was its possible use by terrorists or other to cause incidents in a public venue. Think of the case of Olly Murs, a U.K. singer, whose mistaken tweets about hearing gunshots caused a brief panic at a department store on a busy shopping day. Might Krowd be uses similarly by a terrorist or other evil-doer to cause chaos or a distraction?

No, says Revill, who points to a higher level of control over content exchanged in Krowd versus Twitter, for example. The security team can censor content or limit its propagation. They can also disable or block a user from communicating on the app. Messages containing dangerous or troubling content, such as racist terms, can trigger alerts to enable security teams to respond quickly.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Author profile

Larry Anderson Editor, SecurityInformed.com & SourceSecurity.com

An experienced journalist and long-time presence in the US security industry, Larry is SecurityInformed.com's eyes and ears in the fast-changing security marketplace, attending industry and corporate events, interviewing security leaders and contributing original editorial content to the site. He leads SecurityInformed's team of dedicated editorial and content professionals, guiding the "editorial roadmap" to ensure the site provides the most relevant content for security professionals.

In case you missed it

Which Security Technologies Are Becoming Outdated Or Obsolete?
Which Security Technologies Are Becoming Outdated Or Obsolete?

When technology performs a required task effectively, there is little reason to upgrade to the ‘next big thing’. In this regard, the physical security market is notoriously slow to change. Much of yesterday’s most robust and dependable equipment is still in place at thousands of customer sites, still performing as well as the day it was installed. However, there comes a point when any technology becomes outdated. We asked this week’s Expert Panel Roundtable: Which security technologies are becoming outdated or obsolete?

Physical Security And The Cloud: Why One Can’t Work Without The Other
Physical Security And The Cloud: Why One Can’t Work Without The Other

Human beings have a long-standing relationship with privacy and security. For centuries, we’ve locked our doors, held close our most precious possessions, and been wary of the threats posed by thieves. As time has gone on, our relationship with security has become more complicated as we’ve now got much more to be protective of. As technological advancements in security have got smarter and stronger, so have those looking to compromise it. Cybersecurity Cybersecurity, however, is still incredibly new to humans when we look at the long relationship that we have with security in general. As much as we understand the basics, such as keeping our passwords secure and storing data in safe places, our understanding of cybersecurity as a whole is complicated and so is our understanding of the threats that it protects against. However, the relationship between physical security and cybersecurity is often interlinked. Business leaders may find themselves weighing up the different risks to the physical security of their business. As a result, they implement CCTV into the office space, and alarms are placed on doors to help repel intruders. Importance of cybersecurity But what happens when the data that is collected from such security devices is also at risk of being stolen, and you don’t have to break through the front door of an office to get it? The answer is that your physical security can lose its power to keep your business safe if your cybersecurity is weak. As a result, cybersecurity is incredibly important to empower your physical security. We’ve seen the risks posed by cybersecurity hacks in recent news. Video security company Verkada recently suffered a security breach as malicious attackers obtained access to the contents of many of its live camera feeds, and a recent report by the UK government says two in five UK firms experienced cyberattacks in 2020. Cloud computing – The solution Cloud stores information in data centres located anywhere in the world, and is maintained by a third party Cloud computing offers a solution. The cloud stores your information in data centres located anywhere in the world and is maintained by a third party, such as Claranet. As the data sits on hosted servers, it’s easily accessible while not being at risk of being stolen through your physical device. Here’s why cloud computing can help to ensure that your physical security and the data it holds aren’t compromised. Cloud anxiety It’s completely normal to speculate whether your data is safe when it’s stored within a cloud infrastructure. As we are effectively outsourcing our security by storing our important files on servers we have no control over - and, in some cases, limited understanding of - it’s natural to worry about how vulnerable this is to cyber-attacks. The reality is, the data that you save on the cloud is likely to be a lot safer than that which you store on your device. Cyber hackers can try and trick you into clicking on links that deploy malware or pose as a help desk trying to fix your machine. As a result, they can access your device and if this is where you’re storing important security data, then it is vulnerable. Cloud service providers Cloud service providers offer security that is a lot stronger than the software in the personal computer Cloud service providers offer security that is a lot stronger than the software that is likely in place on your personal computer. Hyperscalers such as Microsoft and Amazon Web Service (AWS) are able to hire countless more security experts than any individual company - save the corporate behemoth - could afford. These major platform owners have culpability for thousands of customers on their cloud and are constantly working to enhance the security of their platforms. The security provided by cloud service providers such as Claranet is an extension of these capabilities. Cloud resistance Cloud servers are located in remote locations that workers don’t have access to. They are also encrypted, which is the process of converting information or data into code to prevent unauthorized access. Additionally, cloud infrastructure providers like ourselves look to regularly update your security to protect against viruses and malware, leaving you free to get on with your work without any niggling worries about your data being at risk from hackers. Data centres Cloud providers provide sophisticated security measures and solutions in the form of firewalls and AI Additionally, cloud providers are also able to provide sophisticated security measures and solutions in the form of firewalls and artificial intelligence, as well as data redundancy, where the same piece of data is held within several separate data centres. This is effectively super-strong backup and recovery, meaning that if a server goes down, you can access your files from a backup server. Empowering physical security with cybersecurity By storing the data gathered by your physical security in the cloud, you're not just significantly reducing the risk of cyber-attacks, but also protecting it from physical threats such as damage in the event of a fire or flood. Rather than viewing your physical and cybersecurity as two different entities, treat them as part of one system: if one is compromised, the other is also at risk. They should work in tandem to keep your whole organization secure.

Hybrid Working And The Threat Of Desk Data
Hybrid Working And The Threat Of Desk Data

The transition to remote working has been a revelation for many traditional office staff, yet concerns over data security risks are rising. Mark Harper of HSM explains why businesses and their remote workers must remain vigilant when it comes to physical document security in homes. Pre-pandemic, home offices were often that neglected room in people’s homes. But now things are different. After the initial lockdown in 2020, 46.6% of UK workers did some work at home with 86% of those doing so because of the pandemic. Semi-Permanent workspaces Since then, many have found that over time, those semi-permanent workspaces have become slightly more permanent – with official hybrid working coming into effect for an assortment of businesses and their teams. The adoption of hybrid working can in fact be seen as one of the few positives to come from the pandemic, with less travel, more freedom and higher productivity top of the benefits list for businesses and their employees. The handling of sensitive documents, is a growing concern for office managers But those welcomed benefits don’t tell the whole story. The transition to remote working has undoubtedly impacted workplace security, with various touch points at risk. The handling of sensitive documents for example, is a growing concern for office managers. In simpler times, sensitive data was more or less contained in an office space, but with millions of home setups to now think about, how can businesses and their office managers control the issue of desk data? Physical document security As of January 2021, it’s said that one in three UK workers are based exclusively at home. That’s millions of individuals from a variety of sectors, all of which must continue in their efforts to remain data secure. With that, reports of cyber security fears are consistently making the news but that shouldn’t be the sole focus. There is also the underlying, but growing, issue of physical document security. The move to remote working hasn’t removed these physical forms of data – think hard drives, USBs and paper based documentation. A recent surge in demand for home printers for example, only exemplifies the use of physical documents and the potential security issues home offices are facing. Adding to that, research conducted in 2020 found that two out of three employees who printed documents at home admitted to binning those documents both in and outside of their house without shredding them. Data security concern Without the right equipment, policies and guidance, businesses are sure to be at risk Those findings present a huge data security concern, one that must be fixed immediately. The Information Commissioner’s Office (ICO) has since released guidance for those working from their bedrooms and dining tables. Designed to help overcome these challenges, the ‘security checklists’ and ‘top tips’ should be the first port of call for many. Yet throughout, the ICO make reference to ‘following your organization’s policies and guidance’ – highlighting that the onus isn’t solely on the individuals working from their makeshift offices. Office managers have a monumental task on their hands to ensure teams are well equipped within their home setups. Without the right equipment, policies and guidance, businesses are sure to be at risk. But it would be wrong to insinuate that unsecure desk data has only now become an issue for organizations. Modern office spaces Keeping clear desks has long been a battle for many office managers. In fact, clear desk policies are practiced in most modern office spaces, with it recognized as a key preventative to personal information being wrongly accessed and so falling foul of GDPR legislation. Throwing sensitive documents in the bin was never an option pre-pandemic However, the unsupervised aspect of home working has led to a potentially more lax approach to these policies, or in some cases, they can’t be followed at all. For those taking a more laid back approach, organization leaders must remind staff of their data security responsibilities and why clear desk policies have previously proven effective. Ultimately, throwing sensitive documents in the bin was never an option pre-pandemic and this must be carried through to home workspaces now. Securely destroy documents There are also concerns over the equipment people have access to at home. For example, without a reliable home shredding solution, data security suddenly becomes a tougher task. To add to that, several recommendations state that employees working from home should avoid throwing documents away by instead transporting them to the office for shredding once lockdown rules ease. While this is an option, it does pose further issues, with document security at risk of accidental loss or even theft throughout the transportation period, not to mention the time spent in storage. The best and most effective way to securely destroy documents is at the source, especially in environments where higher levels of personal data is regularly handled. Correct shredding equipment The recent findings on home office behavior represent a true security risk Only when home workers implement their own clear desk policies alongside the correct shredding equipment (at the correct security level), can both home office spaces and regular offices become data secure. Realistically, these solutions should, like the common home printer, become a staple in home office spaces moving forward. The likelihood is that many UK workers will remain in their home offices for the foreseeable future, only to emerge as hybrid workers post-pandemic. And while the current working environment is more ideal for some than others, the recent findings on home office behavior represent a true security risk to organizations. With this in mind, it’s now more key than ever for business leaders, their office managers and homeworkers to all step up and get a handle on home data security policies (as well as maintaining their standards back at the office) – starting with the implementation of clear desk policies. After all, a clear desk equals a clear mind.