[sedachv]

Source: worked for an online payday lender. There are a lot of commercial APIs from "Consumer Reporting Agencies," providing public information beyond credit rating agencies, that are in use to determine lending decisions. The Wikipedia article on the FCRA[1] has a brief list of these firms and a summary of the laws around data collection and dissemination. IMO the United States needs to both step up enforcement of existing data privacy laws, and more legislation protecting people.

[1] https://en.wikipedia.org/wiki/Fair_Credit_Reporting_Act

[J5892]

I assume, in the case of a payday lender, that that data was mostly used to determine how gullible a potential customer is, and how easy it will be to fuck them over entirely.

[sedachv]

Pretty much. One of the metrics optimized for was profitability of repeat business. You want that inflection point where you get as much as possible from the customer while still leaving them solvent and up to date on payments. This is where having all that data was essential - you can build models and determine what the inflection point would be, in terms of payment terms for a specific customer. Traditional payday lenders do not have this data - they would just try to impose the biggest APR and penalties on a customer and rely on collections to recover as much of the "fictitious" (fictitious in that their business plan presupposes they will not be able to collect the majority of it) debt as they could. Collections is expensive and eats into your margins.