The SecureLink product is a data de-identification system that can be used by organisations to overcome trust barriers and combat data siloing. It allows a central organisation, generally a third-party data processor, to join data from many contributing organisations, such that the data is de-identified and the central organisation cannot recover the identifiers.
For example, SecureLink can enable new insights from joining sensitive customer data or patient data that could not have been pooled before due to regulatory or competitive obstacles. Financial regulatory bodies can collect and join data from competing market actors, and analyse and publish insights without revealing sensitive data owned by the contributing actors.
Securely publish benchmarks and reports
SecureLink guarantees that if data from multiple contributors is intercepted in transit, it cannot be joined - only the central party possesses the ability to join the data. After joining the siloed data together, the central party can share insights or extracts from the joined data back to the contributing organisations, subject to obscuring sensitive data. This sharing allows all parties to benefit from the increased richness of the joined data, with no risk that sensitive identifying data is disclosed.
Enable trusted collaboration with third parties
SecureLink can operate on sensitive data held across many contributing organisations - retailers or credit card providers, for instance. As long as there is a consistent identifier across the organisations (such as an email address, URL or national insurance number), SecureLink can join the different data sources together while masking that identifier. No shared secrets are required as the system uses a public-key infrastructure, making it easy to add more contributing parties.
Generate insights from encrypted data
SecureLink masks identifiers by using well-understood encryption schemes so that the identifiers are kept encrypted at all times, but can still be processed. All identifiers end up consistently encrypted, so that upon receiving the data with encrypted identifiers, the central party can join it together as if it were raw data.
SecureLink follows a three step process:
- Contributors each encrypt the identifiers in their data set
- An intermediary party further obscures the identifiers, while keeping their original encrypted form
- The central party receives datasets, can join on the encrypted attributes, but cannot decrypt them or determine the original identifiers