Towards a Blockchain-empowered Consent Management
Today’s financial institutions are focusing on the development of intelligence support tools, that are exploiting the advancements of the data analytics, in order to enable the introduction of innovative customer services that solve business problems, including improved Know-Your-Customer processes and consequently Anti Money Laundering, Credit Scoring and Fraud Detection services. However, the prerequisite for these intelligence support tools is the permission of the customer to share data that will be utilised in this process in order to better understand customers and their financial relationships. To this end, the need for a framework that provides a trusted and secure sharing mechanism of customer consent arises, in which customers maintain the full control and management of the usage and sharing of their own banking data.
Blockchain technology, and more specifically the permissioned blockchain technology holds the potential to enable the development of a decentralised and robust consent management mechanism, which will enable the effective and efficient sharing of the customers’ consent, towards the exchange and utilisation of customer data across different financial institutions. Blockchain is Distributed Ledger Technology (DLT) integrates (amongst others) two key features, and more specifically the decentralisation and the immutability of the distributed ledger. These features are considered critical for overcoming the underlying challenges of trust improvement, by offering the appropriate security, data privacy and integrity of the customer data processing consents, with advanced cryptographic techniques and signatures.
Within the context of INFINITECH, UBITECH will develop a blockchain-enabled consent management mechanism, that will enable the financial institutions to effectively manage and share their customers’ consents in a transparent and unambiguous manner. In this context, the financial institutions will be able to maintain immutable records for any customer data they are managing, upon the customer’s consent, along with the status of their consent, the recipients, the purpose and the valid time period. On the other hand, the customers will be able to be constantly notified about consent requests, to activate or revoke their consent, and be constantly aware of all their active consents to each particular recipient. Furthermore, the consent management mechanism will capitalise on the offerings of the blockchain technology in order to provide the complete consents’ versioning and history. The consent management mechanism will provide immutable versioning control through the blockchain and support the retrieval or query of not only the latest version of each consent but also all the previous versions along with their validity periods.
Blog post authors: UBITECH