CASE STUDY

Decentralized Consent
Management with BMO

July 2021 – July 2022

The Business Challenge

With today’s shift to digital services and the rising importance of data privacy, financial institutions are seeing increased pressure to protect client data to avoid leaks and potential breaches. That’s why we worked with Bank of Montreal (BMO) on a Proof-of-Concept (PoC) to test how SoLID can potentially be used to manage user consent.
BMO

The Solution: Creating Consent

Kelvin Zero was engaged with BMO with the goal of exploring the capabilities of SoLID to manage customer consent across a blockchain network. The objective of the consent tracking prototype was to link “consent transactions” to requests and securely track, trace, confirm, and revoke consent in real time. The project was ultimately delivered ahead of the forecasted schedule of 12 months, in 8 months – posting a valid SoLID transaction on a bitcoin test-net with private and public keys stored in an offline HSM (Hardware Security Module). Although more development is required before the solution is implementation ready, the exercise demonstrated that our unique, decentralized solution has the potential to be used in real time to solve real banking use cases.

System Features

BMO
Logging

Tacked multi-party consent authorization and revocation.

Traceability

Consent and client data tracing across authorized applications.

Auditability

Integrated auditing with data integrity at every step.

Revocation

Specific or complete revocation of data across bank and third-party services.

System Benefits

Enhanced privacy

  • Scalable client consent authentication and revocation distribution
  • Integrated data request and access tracking
  • Adherence to consumer privacy provisions

Increased efficiency

  • Connected client-data distribution across applications and processes
  • Reduced infrastructure stress
Resource Optimization
  • Reduced database and computing load
  • Streamlined infrastructure reducing architectural complexity
  • Automated real-time client consent and data access traceability
Put Multi-Pass in the hands of your remote
workforce and take the first step towards
building your zero-trust architecture.

Start your journey to zero-trust security​

CASE STUDIES

Related Studies