Invented by Huiyue Xu, Jason Gerardi, Javier Dominguez, Sara DeBella, Sreedhar Vemuri, Syniverse Technologies LLC
The Syniverse Technologies LLC invention works as followsA specialized network and application system that includes a campaign and consent blockchain network for advertising campaigns. Users’ personal data records are stored in off-chain databases, as they are not suitable for storing on a blockchain ledger. The user is sent an opt-in link that prompts them to consent to receive advertising campaign messages. The invention verifies the consent of the user using a token that is only used once. If the verification is successful the advertising campaign messages will be sent to the user. The invention allows users to centrally control their consents and preferences for different enterprises, channels, or campaigns. It stores encrypted consents and preferences data in a trusted blockchain network.
Background for System and Method for Blockchain-based Consent and Campaign Management
It is important for companies to protect their users’ privacy before sending mobile communications, or accessing personally identifiable data (PII). Consent Management Services add an extra layer of trust to the relationship between companies and users. They do this by obtaining and storing consent before accessing data about users or sending mobile communications.
The consent management system manages consent status, auditing, and tracking to ensure compliance with the local laws and regulations. This convention is designed to protect the privacy of users. It ensures that no subscriber credentials will be distributed.
However, there is currently no place where users can manage their consent/opt in preferences. Users may have to interact with several companies, and manage their consent/opt in preference multiple ways. “The absence of a central consent management system could lead to a repetitive process for users who need to update or delete personal information, and consent in the consent management systems of individual enterprises.
This invention is a specialized network and application system that includes an exemplified campaign and consent blockchain network. It allows different participants to join the networking system and implement their own functions. In one embodiment, the invention comprises multiple application nodes that implement different functions to meet the needs of various participants. The invention also includes off-chain database to store data records which are not suitable for storage in the blockchain ledger. Off-chain data records could include personal records with private attributes which must be stored securely, and modified or deleted.
The present invention, in one embodiment, provides a method of consent and campaign management that includes transmitting by an enterprise an opt-in message to a user. This opt-in message invites the user to consent for one or more campaign messages to be sent to the user. The method also includes generating a token for a single use in response to a user accessing a blockchain network through the link, sending the token to the users, and issuing the private key after the user logs into the network with the token. The method also includes receiving a response from a user to an opt-in, which includes personal data. Encrypting this data with the private key, and storing it in an off-chain data base, then logging that response into the blockchain.
This invention allows users to centrally manage consents/preferences across enterprises, channels, and/or campaign, by storing encrypted consents/preferences into a trusted blockchain network and validating preferences before sending a message for a particular campaign (via SMS, email, voice calls, etc.). The subscriber receives audit trials, historical campaign messages and analytic data.
This invention allows enterprises to communicate with a blockchain computer network. They can update their campaign information and subscription channels to the blockchain network. They can also validate the preferences of a subscriber before sending marketing campaign messages.
The invention allows third-party auditors and legal/regulators to communicate via a distributed computer network and conduct audits of the engagement history for each user, as well as each company’s status on campaigns and recipients.
The complexity of managing consent and opt-in for subscribers is a challenge that businesses face. This is because each industry has different requirements and every country may have its own rules and regulations.
Mobile Network Operators and Enterprises face the same challenges. They must validate subscriber contact information while also ensuring subscriber privacy. It is undesirable that there is a lack of transparency as to who/what/where/when/why personal information is shared.
Blockchain” is a decentralized digital ledger which records all transactions across a peer to peer network. This allows participants to transfer assets over the Internet without a third-party. Blockchain networks are immutable, so consent data can never be deleted. This provides a trusted audit track. In the present invention blockchain ledgers are utilized to record subscriber opt-ins, campaign messages sent to subscribers, the method used, the timestamp etc. Along with any subscriber responses (i.e. opt-out). “An offline database with encrypted subscriber information is also used to protect personal data.
In the embodiment shown in FIG. The invention comprises a specialized Blockchain networking and application system (100) that includes a consent and campaign blockchain network (145), allowing participants to join and perform their own functions. This embodiment includes multiple nodes 140 that implement different functions to support requirements of various participants. It also includes off chain databases 150 for storing data records not suitable for storing in the blockchain ledger of the consent campaign blockchain network 145. Off-chain data records in off-chain databases may be personal records with private attributes, which must be stored securely and could need to be deleted or modified.
As shown in FIG. The consent and campaign system 100 has multiple participants. Users 130 manage their consent and personal profile information. Enterprises 105 and marketing firms 135 are involved in managing their company campaign information, and triggering marketing campaigns to users 130 who have opted-in to a campaign. Audits are conducted by the regulators or auditors 125 based on blockchain records of the consent and campaign network 145. The event notification providers 120 verify the consent information and deliver the campaign messages to opt-in users. They also log the campaign transactions in the blockchain. “The blockchain network operators 120 run the consent-campaign blockchain network 145, and the consent-campaign solution provider 115 provides the application software and develops the solution for the users 130.
FIG. The block diagram of FIG. 2 illustrates various software components that make up a consent management and campaign system 200 according to the present invention. The various software elements illustrated in FIG. The examples in FIG. 2 are illustrative and not meant to be restrictive. The blockchain network of the consent management system 200 consists of distributed blockchain nodes (210, 212 and 214) that share a ledgers database 215 to create an immutable record trail. This is due to blockchain technology. The enterprise node includes specialized software modules. These include the campaign manager module to allow the enterprise to manage its campaign information. Also included is the campaign simulation module to simulate campaign delivery effectiveness prior to the enterprise 220 starting the actual campaign message.
The user node shown in FIG. The software modules in 2 are designed to meet the needs of users with regard to consent and campaign administration. Profile management module 232 adds, updates or deletes user information in a secure manner. A change in personal information can also result in a change of consent for each campaign, if that personal information is being used. The module for campaign subscription 238 is responsible for managing the subscription and unsubscription to enterprise campaigns, as well as sharing each personal attribute across different campaigns. The campaign transaction module manages all the messages that were delivered by the enterprise 220 to the user as part of a campaign event. The consent preferences module allows users 230 define their preferences towards each campaign.
The embodiment shown in FIG. The engagement node 240 manages the delivery to users 230 of campaign messages. The engagement node includes the validation engine 242 which validates the opt-in information of the user and their preferences before initiating the delivery of the campaign message to the individual user 230. This ensures that the message is delivered in compliance with regulatory requirements. The engagement node 240’s delivery engine 244 interfaces with external delivery channels 250 such as an SMS (Short Messaging Services) gateway 256 for sending the campaign messages to users 230 by text message. IM (Instant Messaging), gateway 254 and voice gateway 258 are also available.
The consent and campaigns management 200 also includes a software-implemented audit system 260 for conducting audits on the blockchain records of the consent blockchain network 205, and off-chain databases (270) to store user data records which are not suitable to be stored in the blockchain ledger 215.
According to GDPR (General Data Protection Regulation), the consent and campaign-management system must maintain the corresponding records that demonstrate when and how an enterprise obtained consent from users (participants) 230, including evidence of:
The block diagram in FIG. The data models 300 are stored in a distributed blockchain 310 and an off-chain database. The exemplary database 305 comprises a database 307 for campaign attributes and a database 309 for personal attributes. In the embodiment shown in FIG. The consent ledger 312 keeps track of the latest opt-in or opt-out consent for the enterprise campaign and users, while the blockchain nodes store the consent transactions 314 and 318. The consent transaction nodes 314,318 contain detailed information about the consent. For example, they include consent type. The consent transaction nodes 314,318 contain information that can be used to verify and update the consent ledger 312. This creates a unique auditable history of consent. The consent ledger or consent transaction fields do not include any personal attributes. Campaign transactions node 316 contains messages sent to opt-in users. This can be used to audit the consent evidences as well as the message history.
The data model 300, as shown in FIG. The third figure also contains user devices/ wallets 320 322, 324. Each of these includes a private key 344 348 as well as a public 342 346 350 key associated with the respective users. The private key 340 is used to encrypt personal attributes in the off-chain database 305. Private keys 340, 344, 348 are only stored on the device of the user. The invention guarantees the authenticity of data because the encrypted data in the off-chain database 305 is not changeable. Third parties that need to access personal information of the user must use their public key 342 or 346.
The data model 300 shown in FIG. The third figure also contains enterprise wallets/servers 330, 332 334, which contain private keys 360 and 368, as well as public keys 362, 366, 370, associated with the participating enterprises. The private keys 360 and 368 are used for encrypting the campaign attributes in the database 307, the campaign attribute database of the off-chain campaigns databases 305. The enterprise server/wallet 330, 332/334 securely stores the private keys 360.364.368. This ensures that the encrypted data in the off-chain database 305 is authentic. Third parties that need to access campaign information must use the enterprise’s public key 362,366,370.
Click here to view the patent on Google Patents.