How priviti works

Priviti uses a unique
multi-channel authorisation
and authentication solution

Partitioned messages sent through two different channels ensures information availability is authenticated by the genuine Authoriser and only to the permitted Recipient.

How Priviti works

STEP 1

  • 1.1 A Linking Code is inserted by the Authoriser into their device.
  • 1.2 The 1st Channel Message consisting of an APP ID and the Linking Code is sent from the Authoriser’s application to the Linking Server.
Priviti

STEP 2

  • 2.1 The Authoriser enters their Secret Code into the Receiver’s device application.
  • 2.2 The 2nd Channel Message consisting of the Secret Code and the same Linking Code is sent from the Receiver’s device application to the Linking Server.
Priviti

STEP 3

  • 3.1 The time-limited Linking Codes received at the Linking Server via the two independent channels are verified.
  • 3.2 If the Linking Codes match, the Linking Server forwards the received APP ID and Secret Code to the Vault Server for verification.
  • 3.3 If the combined APP ID and Secret Code received at the Vault Server matches the combined APP ID and Secret Code record on file in the Vault Server, the sensitive/confidential information is made available to the permitted Receiver.
Priviti
 
GLOSSARY
Vault
A secure storage mechanism for sensitive or confidential information.
Authoriser
The person/entity whose sensitive/confidential data is stored in a vault.
App ID
A unique Authoriser ID embedded within their device app. It is bound to a Vault record affiliated to that Authoriser. The device never contains any sensitive/ confidential information.
Secret code
A Vault code record bound to, and otherwise only known by, the authoriser.
Receiver
The recipient whom the Authoriser gave permission their data be made available for a specific use.
Linking code
A once-off unique code.
Linking server
A server function that assesses whether unique Linking Codes match.
1st Channel Message
The first of the two required messages sent to the Linking Code Server from the Authoriser’s app.
2nd Channel Message
The second of the two required messages, sent to the Linking Code Server from the Receiver’s application.