Q: What is Meeco's privacy policy?

Meeco Privacy Policy

Q: What is Meeco's developer policy?

Meeco Developer Policy

Q: What is the Meeco Platform (or API-of-Me)?

The Meeco Platform is a collection of APIs that helps individuals, organisations and businesses manage data in the fast-changing world of personal data regulation, opening up access to new global business models

Meeco centers around the following concepts for individuals and organisations/Enterprise:

For Individuals:
Access - Gain access and store your personal data across your digital life, encrypted and securely available from any device.
Control - Control who you share your data with. If your information changes, update it once and it will be distributed to your connections.
​Delegation - Delegate permission to enable the people and organisations you trust to act on your behalf.
Consent - Share your data on your terms and maintain a permanent record of your explicit consent. You can change or revoke access at any time.

For Enterprise:
Access - Allow 2-way access to data and verified attributes directly with the customer​.
Control - Offer full data and attribute control to your customers aligned with new data regulations​.
Delegation - Introduce new services for customers to delegate authority and manage data access​.
Consent - Gain customer consent in all data exchange journeys supported by a fully auditable event log​

How it works:

Data is encrypted and stored in the Vault. As data is encrypted and decrypted client side, the platform cannot read a user's data. Vault data is downloaded and decrypted in order to view it.

Vault access is gained through the creation of a Keystore, where a user stores their secrets and encryption keys for encrypting and decrypting data.

A user can "Connect" with another person or organisation and consent to share a specific piece of data. If a user updates this data with new information, the information is updated for the Connection. If consent to share is withdrawn, the data will be removed from Connection.

Q: What can I develop using Meeco API-of-Me?

Deploy our personal data APIs to develop customer centric Privacy by Design applications.Deliver B2B, B2B2C, C2C & Me2B use cases, always with audit and consent information.

Q: Who can view the Vault data?

The Vault data is only viewable by the person who holds the keys to encrypt and decrypt it. You can securely share with another user, but Meeco itself can never decrypt or see your data.

Q: What is the Keystore?

The Keystore is where a users stores their secrets, derivation artefacts, and encryption keys. Try out the Keystore APIs to see how generating and storing these assets works.

Q: How is user data encrypted?

Meeco has developed an open-source library called Cryppo (Ruby) and Cryppo-JS (Javascript) which implements the required cryptographic routines. Generation of keys, data encryption, data decryption and serialization is dealt with by the library.

The Keys are generated with an RSA4069 encryption strategy.

The Key derivation strategy is PBKDF2 + HMAC

The Keys are encrypted with AES with a 256 bit key size, and GCM operation.

The Getting Started guides contain a run through of how to use the Ruby library in making encryption calls in the Keystore and the Vault.

Q: What is the Downloader?

The Downloader is a group of APIs to facilitates downloading and sharing of vault data with users outside the network.

Q: What is fee for trying out platform?

It's free for trial period

Q: What is your pricing model?

Please contact Meeco for further details.