Glossary

The Callback or Callback Route is the REST API route that your Dedicated Connection service makes available to Mydex over HTTPS. Mydex sends a POST request (or a PUT request, on an update event) containing the Connection ID, Member UID and Member Key, when the member completes First Time Connection to your service. This allows you to then make read and write requests to the member's encrypted PDS. Read here to learn how to consume the callback payload.

A third party personal data store provider which has been certified by Mydex as having accepted and agreed to abide by the Mydex Charter. Certification means that: Mydex has verified that the Subscribing organisation is who it says it is. The provider will allow Mydex to inspect and audit its processes, policies, systems and tools to ensure it is compliant with the requirements of operating personal data services as defined in the Mydex service specification. The provider has entered into a contract with Mydex to operate the service in line with the Mydex Charter and Mydex service specification.

"The Mydex Charter, which sets out the principles behind Mydex and which every Subscriber must observe and abide by. See the Mydex Charter here.

A community interest company (CIC) is a type of company introduced by the United Kingdom government in 2005 under the Companies (Audit, Investigations and Community Enterprise) Act 2004, designed for social enterprises that want to use their profits and assets for the public good.

Programming code in a human or machine readable format

The Connection ID is a hyphenated combination of the member's PDS numerical UID, and your Dedicated Connection NID. The value is therefore unique to the member's PDS and your Dedicated Connection. You receive this value as the parameter connection_id in your callback after First Time Connection takes place, and then send this value as the parameter con_id in read/write requests to the PDX API.

The Connection NID or Connection Node ID is a single numerical value that is unique to your Dedicated Connection. Mydex issues you this value along with your Connection Token when approving your Dedicated Connection. You use this value to construct requests to begin either registration of a member account, or to begin the First Time Connection journey. This is what con_nid or connection_nid refers to in API requests.

The Connection Token is a cryptographic key that is unique to your Dedicated Connection. Mydex issues you this value along with your Connection NID when approving your Dedicated Connection. You use this value to construct requests to begin either registration of a member account, or to begin the First Time Connection journey.

Data stored and shared by a Member or a Subscriber.

The data controller determines the purposes for which, and the means by which, personal data is processed. So, if your company/organisation decides 'why' and 'how' the personal data should be processed, it is the data controller. The UK GDPR defines a controller as: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Controllers make decisions about processing activities.

Data Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Data subject refers to any individual person who can be identified, directly or indirectly, via an identifier such as a name, an ID number, location data, or via factors specific to the person’s physical, physiological, genetic, mental, economic, cultural or social identity. Mydex Members are Data Subjects in the context of UK GDPR. Mydex equips its members to be their own controller and processor if they wish and the means to exercise their rights under GDPR.

The way we logically group the datasets and fields that make up a Member's PDS.

An agreement between a Member and a Subscriber which allows the Subscriber to access some or all of the Member's Data.

A collection of fields or attributes that make up a logiical collection or record. e.g. the Driving license has a defined set of fields or attributes. Bank statement transactions have a defined set of fields or attributes

The specific details required by Subscribers to enable them to integrate securely with the Mydex personal data exchange platform via its APIs in order to connect and interact with the Personal Data Stores of any Mydex members who have granted permission for this connection. This includes defining the use cases to be made of data and the specific datasets they require access to and the type of access i.e. read/write etc. A Dedicated Connection process for connecting for the first time can also be used to provision a new MydexID and Personal Data Store. Requesting new Dedicated Connections can be made via the Connection Manager.

A list of our most frequently asked questions, and other useful information, which can be accessed here or from any document which refers to them.

A defined attribute e.g. Surname, Date of Birth. The field can hold a specific value in one specific type e.g. Text, Number, Date, Currency etc. It has a consistent definition and meaning

First Time Connection or FTC is when your Dedicated Connection service wishes to connect to the member's PDS. You invoke this journey for the member in their browser and they are presented with the Data Sharing Agreement. After approving the Data Sharing Agreement, First Time Connection is achieved, and Mydex sends a POST payload to your application's callback, which you can consume to then make future read/write requests to the member's encrypted PDS securely.

Identity as a Service is Mydex's Identity service that allows members to login with their MydexID, as well as set up multi-factor authentication. Subscribers can act as Relying Parties to offer 'Sign in with MydexID' on their application rather than hold member credentials themselves. The IDaaS also is a platform that allows integrating third party identity services to map to a member's MydexID and PDS.

Identity Provider - A Subscribing organisation or service that provides registration and autentication services for individuals or API's online. This also includes password management services.

An IFrame (Inline Frame) is an HTML document embedded inside another HTML document on a website. Mydex use this capability to give Subscribing organisations the ability to create seamless connection journeys for their customers.

Within a PDS there are datasets relating to specific use cases such as a Bank Account, Home etc. As it is possible for a member to have more than one dataset of the same type each instance of a dataset is given a unique identifier which allows it to be correctly mapped into specific connections and contexts

JavaScript Object Notation, is an open standard format that uses human-readable text to transmit data objects consisting of attribute–value pairs. It is used primarily to transmit data between a server and web application, as an alternative to XML.

Although originally derived from the JavaScript scripting language, JSON is a language-independent data format. Code for parsing and generating JSON data is readily available in many programming languages.

The PDS maintains relationships between different fields within the PDS as they are essentially holding the same information in different contexts of use. The linked field capability allows the Member t decide if these linked fields are updated automatically when one of them changes or if an alert is raised allowing the member to chose to update or not.

An individual who has created a Mydex account in order to use Our Services. In any Agreement "Member" refers to the relevant individual entering into the Agreement.

The Member Key or Member Connection Key is a cryptographic key that is returned to your callback after the member completes First Time Connection to your Dedicated Connection. This key is used to read/write data into the member's encrypted PDS, and is unique to your Dedicated Connection and the PDS.

The Member UID is a numerical ID that represents their PDS. This information is returned to your callback after the member completes First Time Connection to your Dedicated Connection. It also forms part of the Connection ID. You send both the UID and the Connection ID in requests to the API to read and write to the member's PDS.

Mydex Data Services Community Interest Company.

This is a unique identifier of the member and also acts as their username when logging into a personal data store account with Mydex. It can also be used to login with participating third party services that support the MydexID, in order to save time logging in and reducing the number of usernames and passwords one needs to manage.

OAuth 2.0, which stands for “Open Authorization”, is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user. OAuth2.0 credentials are used by Subscribers to make authorised requests to the Mydex APIs. Mydex CIC issues the Subscriber organisation with OAuth2.0 credentials as required when the Subscriber organisation joins the Mydex Trust Framework

OpenID Connect is an interoperable authentication protocol based on the OAuth 2.0 family of specifications. Click here.

An Account holder's unique password, without which his, her or its Mydex Account cannot be accessed.

A Member's personal data store.

The permission granted by a Member to a Subscriber to access some or all of his or her Data for the specified purpose(s).

Any data you chose to store in your personal data store which can be a wide range of formats

A unique secret (e.g a complex passphrase or long random value that is hard to guess), chosen by a Member when creating their MydexID and PDS. This is distinct from the MydexID's password, which is used to login to applications. Without the Private Key, the member cannot access their PDS or approve Connections as part of First Time Connection in order for those Connections to access the Member's data.

Has the meaning set out in the DPA and "Process" and "Processed" shall be construed accordingly.

Relying Party or RP is a term used in the OpenIDConnect (OIDC) specification. It represents an application or service that delegates authentication to an OP (OpenID Provider), typically an Identity Provider service. Mydex operates as an OP (IDP) to offer MydexID authentication. Subscriber services can operate as Relying Parties to the Mydex Identity as a Service platform via the OIDC protocol.

Mydex CIC provide a test environment that matches the live platform. This is free to use and lets developers and anyone wishing to experiment and explore use of Mydex Identity and personal data services in a safe and secure environment. Developers require OAuth2.0 credentials to make use of the Sandobx API and test connections

Services available to Members and Subscribers, including the use of Mydex's API.

Data which a Member allows a Subscriber to access.

HA-2 is a set of cryptographic hash functions designed by the NSA (U.S. National Security Agency). SHA stands forSecure Hash Algorithm. Cryptographic hash functions are mathematical operations run on digital data; by comparing the computed "hash" (the execution of the algorithm) to a known and expected hash value, a person can determine the data's integrity. SHA-512 is novel hash functions computed with 64-bit words, respectively.

Example applications that showcase how a Subscribing organisation can connect to a Member's PDS.

Any of the Mydex family of sites: http://mydex.org, https://pds.mydex.org, https://api.mydex.org or http://dev.mydex.org

The service level agreement between Mydex and its Subscribers.

An entity which obtains Data from and provides data to Members for the provision of services to that Member. Entities may be but are not limited to government organisations, private sector providers of good or services, other suppliers, organisations, companies or partnerships (whether limited liability or otherwise), other Members and other individuals including sole traders. In any Agreement "Subscriber" refers to the relevant entity entering into the Agreement. Mydex will verify and certify each Subscriber as follows:

1. That it is who it says it is.
2. That any code e.g. an Application it develops to work in connection with the platform is subject to code inspection and independent testing based on Mydex Certification specification for Subscriberss and Applications.

Services provided to a Member by a Subscriber.

Details of our connection, support and transaction fees as well as information for Members, Subscribers and Application Providers about charging (or offering a fee) for the use of Data.

In software and systems engineering, a "use case" is a list of steps, typically defining interactions between a role and a system, to achieve a goal.