
Context

Read more about BO remapping: /wiki/spaces/MAE/pages/1467940877

Current Situation

At present, sensitive actions can be carried out on a user's account without explicitly obtaining their consent. This poses several challenges:

  1. Regulatory Compliance: It creates a risk of non-compliance with data protection laws such as the GDPR, which mandate that users must give informed and explicit consent before any action affecting their data or account is performed.

  2. Transparency and Trust: Users may lose trust in the platform if they notice changes made to their account without their knowledge or approval.

  3. Auditability: There is no comprehensive audit trail to verify who authorized the action, when it occurred, and what specific changes were made, leading to accountability gaps.

Case study: BRM Remapping

A clear example of this issue is the BRM remapping process:

  1. Current Flow (Without Consent Management):

    • A Business Relationship Manager (BRM) raises a claim request to reassign a business to themselves.

    • The Business Owner (BOwner) simply sees that their BRM has changed, without being notified or asked for permission.

  2. Improved Flow (With Consent Management):

    • When the BRM raises a remapping request, the system triggers a consent request to the Business Owner.

    • The consent request includes clear details, such as the identity of the requesting BRM and the action they wish to perform.

    • The Business Owner must explicitly approve this request before any changes are implemented.

    • This process ensures that sensitive actions like BRM remapping are fully transparent, user-approved, and properly documented.

Benefits of Consent Management

  1. User Control: Users are empowered to make decisions about their accounts.

  2. Legal Compliance: Aligns with GDPR and other data protection regulations.

  3. Audit Trail: Provides a clear, verifiable record of all consented actions, including details of who requested the action, when the request was made, and the outcome.

This approach not only addresses compliance and trust issues but also sets a strong foundation for user-centric account management practices.

Scope & Constraints

Scope

Internal Services

These are Moniepoint's internal services that may need to request user consent for sensitive actions. Examples include:

Team               | Consented Feature
-------------------|--------------------
Offline Sales      | BO Remapping
Trust and Account  | Profile Management

External Services

These are third-party services that may require access to Moniepoint users’ accounts for data or payment purposes. Examples include:

Team                        | Consented Feature
----------------------------|---------------------------------------
NIBSS                       | Direct Debit
Third-party Lenders         | Data Access (e.g., Renmoney, Carbon)
Account Statement Services  | Account Statement Requests

Constraints

  1. Transparency: Each consent request must inform the customer:

    • Who the requesting client is.

    • The specific action the client wants to perform on their account.

  2. Action Specificity: Systems requesting consent must only be allowed to carry out the specific action tied to the consent request.

  3. Single-Use Consent: The first version (v1) of this feature will focus solely on one-time, single-use consent requests.

  4. Communication Constraints:

    • SMS Notifications: Messages must be under 150 characters.

    • Push Notifications: Limited to 250 characters.

    • USSD Screens: Maximum display of 150 characters.


Key Features

v1 Consent management APIs - for internal services only

Types of consent

There are two types of consent:

  1. Single-use consent: One-time consent for a specific action.

  2. Long-term consent: Consent for extended or recurring access to the user’s account. This consent type is revocable.

API features

Request a consent

  1. The client should pass a unique identifier for the user they’re requesting consent from

  2. The API should respond with a unique token identifying the consent request

  3. This token can only be used for the consented action

Notify the user of the consent request

A notification should be sent out on request for the customer to review.

  1. For feature phone users: This message should be an SMS containing details of the consent request. The users should also be able to check the status of the request via USSD

  2. For web/mobile app users: They should get a push notification with details about the client and the consent request being made

Approve a consent

There are 3 ways consent can be approved:

  1. For feature phone users: Approval should be done by dialling a USSD shortcode. To confirm the approval, the user will need to enter a PIN

  2. For web/mobile app users: Approval will be done in-app and will require 2FA verification before approval

  3. For in-person consent: 2FA verification will also be required for approval. This will be done when the in-person user walks into the Moniepoint Kiosk.

Reject a consent

  1. All user types should be able to reject a consent in the same flow that they approve.

  2. PIN/2FA isn’t required to reject a consent

  3. Users should be required to pass a reason for rejection. For USSD users, there should be a default generic reason.

Revoke a consent

  1. All users should be able to revoke long-term consent types.

Notify the system of the consent status

  1. Once consent is requested, the client who requested it should be notified whether the consent has been approved or rejected.

  2. A consent request should also expire after ~5 mins.

  3. The status messages are:

    1. Rejected

    2. Expired

    3. Revoked [Terminal state]

    4. Approved

    5. Completed [Terminal state]

  4. An action should not be carried out unless consent is “Approved”

Notify the user of the action status

  1. Once the action has been carried out, the user must be notified of the status of the action.

Platforms for Consent Management

  1. Web and Mobile: Full functionality for requesting, approving, rejecting, and viewing consent history.

  2. USSD:

    • View pending consent requests.

    • Approve or reject requests using USSD codes and PIN.

    • Receive SMS notifications with consent details.

  3. Consent Link:

    • Allows users to grant consent via a link on any platform (e.g., Moniedesk).

    • Limited functionality: no notifications or history view.

Audit Log for Consent Management

Maintain a detailed audit log for every consent request, including:

  1. Who made the request.

  2. When the request was made.

  3. The status of the request.

  4. The type of action carried out with the consent.
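The rules above (a token bound to one action, the ~5 minute expiry, "no action unless Approved", and the who/when/status/action audit trail) can be tied together in one small state machine. This is an added illustration, not the project's implementation: the service, method and status names (including an initial "Pending" state the page does not list) are assumptions, and it models only v1 single-use consent, so no Revoked state.

```python
import secrets, time
from dataclasses import dataclass

TTL_SECONDS = 5 * 60  # a consent request expires after ~5 mins

@dataclass
class ConsentRequest:
    token: str           # unique token identifying the consent request
    client: str          # who made the request (the requesting service)
    user_id: str         # the user whose consent is sought
    action: str          # the single action this token may be used for
    requested_at: float
    status: str = "Pending"

class ConsentService:
    def __init__(self, now=time.time):
        self.now = now          # injectable clock so expiry can be tested
        self.requests = {}
        self.audit_log = []     # who, when, status, type of action
    def _log(self, req):
        self.audit_log.append({"token": req.token, "who": req.client, "when": self.now(),
                               "status": req.status, "action": req.action})
    def request(self, client, user_id, action):
        req = ConsentRequest(secrets.token_urlsafe(32), client, user_id, action, self.now())
        self.requests[req.token] = req
        self._log(req)
        return req.token
    def status(self, token):
        req = self.requests[token]
        if req.status == "Pending" and self.now() - req.requested_at > TTL_SECONDS:
            req.status = "Expired"  # pending requests lapse after the TTL
            self._log(req)
        return req.status
    def decide(self, token, approved, reason=None):
        # Approve/reject only while Pending; a rejection must carry a reason
        if self.status(token) != "Pending":
            raise PermissionError("request is no longer pending")
        if not approved and not reason:
            raise ValueError("rejection requires a reason")
        req = self.requests[token]
        req.status = "Approved" if approved else "Rejected"
        self._log(req)
    def perform(self, token, action):
        # The token is bound to one action, honoured only while Approved, and used once
        req = self.requests[token]
        if action != req.action or self.status(token) != "Approved":
            raise PermissionError("no approved consent for this action")
        req.status = "Completed"
        self._log(req)
        return True
```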

Future considerations

v2 Consent management APIs - for external services only

  1. Consent Management SDK

  2. Revocable Consent tokens: These are long-lived tokens that can be used for things like Direct Debit


User research

We had two research sessions with the Offline sales team as well as the Moniedesk team:

Moniepoint end-user research

TBD

Offline sales

See BO remapping flow on Figma here

  1. This is a critical aspect of the new remapping flow.

  2. The solution developed works for their use case.

  3. They mentioned the user must provide clear rejection reasons.

Moniedesk team

  1. The solution works for them, but it will be down to the product team to integrate it into their Moniedesk workflow


Tracking & analytics

Mixpanel

We need to set up the following events to track user interactions with Consent Management on the bannerapp:

Event name         | Description                                                         | Attribute(s)
-------------------|---------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------
consent_requested  | Fired when the client requests consent from the user                | Product: what product consent is requested for; Type: revocable or not; Where: personal app, business app, web, consent link?
consent_approved   | Fired when the Moniepoint user approves the consent request         | Product: what product consent is requested for; Type: revocable or not; Where: personal app, business app, web, consent link?
consent_rejected   | Fired when the Moniepoint user rejects the consent request          | Product: what product consent is requested for; Type: revocable or not; Where: personal app, business app, web, consent link?
