Data Hub

Introduction

This article describes the Data Hub architecture on the Trusted Twin platform.

The purpose of this article is to provide system architects and developers with conceptual knowledge required to design Data Hub solutions on the Trusted Twin platform. In order to consult developer resources, please go to the Trusted Twin docs website. For more information, please get in touch with us at hello@trustedtwin.com.

10 min read

About Data Hub

The Trusted Twin Data Hub allows Data Providers to monetize their customer data by letting Data Users access insights from the data. Data Users can access the data in real time and enhance their decision-making process with additional insights about a given consumer, and also make such a decision in real time, thus providing a better customer experience.

Architecture

Data Providers and Data Users

The Data Hub participants are:

  • Data Providers: organizations to whom customers have provided their data,
  • Data Users: organizations that need to access insights about a given customer with the consent of the customer in order to make a decision concerning that customer.

On the Trusted Twin platform, both Data Provider and Data User organization are represented by accounts.

 

Figure 2. Accounts (Data Providers and Data Users)

Within each account, there are users with roles assigned. A role is a collection of permissions that defines operations a user is allowed or not allowed to perform, and on which resources they can perform the operations.

Read more: Account and access

Developer resources
Account
Users and roles

Customer profiles

Privacy enhancing technologies
Before starting with customer profile creation, it is essential to plan the incorporation of PETs (Privacy Enhancing Technologies) to protect personal data.
Twins
On the Trusted Twin platform, customer profiles are represented by Twins.

 

Figure 3. Account (data provider) and Twins (customer profiles).

Identities

You can add one or more Identities to a Twin. Identities identify Twins. They can be hashed identifiers of a given ID of a customer used for by data users accounts to check whether a customer profile is made available to them by a data provider account.

 

Figure 4. Identities with different visibility.  

Ledgers and entries

The information about a given Twin is stored in Entries of the Ledger of that Twin. The visibility can be set at the level of a single Entry, thus enabling different Entries of a Ledger to be visible to different accounts.

 

Figure 5. Ledger Entries with different visibility.  

Read more: Shared object

Developer resources
Twins
Identities
Ledgers

How it works

Step 1. Checking data availability

A Data User can check whether a Data Provider made a profile of a given customer available to them by checking whether a given Identity is attached to a Twin. This can be done through the resolve_twin_identity endpoint.

If an Identity is available to the Data User, they will receive a Twin UUID (unique identifier of the Twin) or a list of Twin UUIDs if more than one Twin has the given Identity. Below you can see examples of details of a single Twin (Figure 6) and details of multiple Twins (Figure 7).

 

Figure 6. Resolve Twin Identity returns Twin details.

If there are multiple Twins returned, they can be distinguished by unique identifiers of accounts or by information included in the optional “description” field.

 

Figure 7. Resolve Twin Identity returns details of two Twins.

If there is no Identity available to the given user of the account, the result will be an empty list.

 

Figure 8. Resolve Twin Identity returns an empty list.

Developer resources
resolve_twin_identity

Step 2. Accessing data

Once the Data User has obtained the Twin UUID (unique identifier of the Twin), they can use it to access the customer profile through the get_twin_ledger_entry_value endpoint.

 

Figure 9. Get Twin Ledger Entry Value.

Developer resources
get_twin_ledger_entry_value

Tips & tricks

  •  
  • To log data about access to resources in your account, you can use the Resource Access Log functionality.

Read more: Resource Access Log

Developer resources
Resource Access Log

  • To log data about the activity of a given user belonging to your account, as well as the activity related to User Tokens generated by that user, you can use the User Activity Log functionality.

    Read more: User Activity Log

    Developer resources
    User Activity Log

For more information about how to use the Trusted Twin platform in your application’s architecture or technology stack, please contact hello@trustedtwin.com or schedule a video consultation with us through Calendly.

ON THIS PAGE