The flow of user transaction data through the system from raw captured data to monetiziable licensed data.

Add User Card(s)

  • What Happens
    • The Data Provider submits a user credit card information to activate Card Linked Offers.
    • We send the user card information to Kard to source offers and assign rewards to the user.
  • Why
    • To identify eligible offers and link transactions to reward the user.
  • How
    • TIKI CLO Service authenticates with Kard using its internal credentials.
    • The user is identified by the TIKI's internal user id and the transaction information is sent with no cardholder PII. A sample of the sent data can be found in the Kard documentation.
    • Card information is retained in ephemeral memory until the card is registered with Kard, then discarded.
  • Outcome
    • The Credit Card is sent to the TIKI CLO API with no cardholder PII. Only the last 4 digits, the BIN, the issuer and the network are required.
  • Systems Involved
    • TIKI CLO Service authenticates with Kard using its internal credentials.
    • Kard does not require any cardholder information. The card data is treated according to their Privacy Policy.

Publisher Identity Verification and Data Integrity Check

  • What Happens
    • To ensure the identity of the publisher who submitted the card information.
    • To check that the card or transaction data hasn't been tampered with during its journey to our system.
  • Why
    • To confirm that the data comes from the publisher.
  • How
    • Data provider identity is verified using the JSON Web Token (JWT) received with the request.
    • JWT is obtained from TIKI Auth and used for authentication with TIKI Data Provider API during receipt image upload.
  • Outcome
    • If the verification fails, the request is rejected.
    • If the verification passes, the next step is initialized.
  • Systems Involved
    • Data Provider requests JWT from TIKI Auth.
    • TIKI Data Provider API authenticates using the JWT to verify identity.

User's License Check

  • What Happens
    • We confirm whether the user has a valid license to have their card and transaction data submitted.
  • Why
    • To ensure compliance with legal agreements and data usage policies.
  • How I THINK YOU TOLD ME THIS WAS WRONG BUT I AM PUTTING IT IN HERE ANYWAY BECAUSE I DON'T KNOW WHAT IS CORRECT
    • TIKI Data Provider API checks license validity using the TIKI License API.
    • Requests without a valid license or expired licenses are rejected.
  • Outcome
    • If the user has a valid license, the next step is initialized; otherwise, the request is rejected.
  • Systems Involved
    • TIKI Data Provider API communicates with TIKI License API to verify the data provider's license.

Send Card and/or Transaction Data to CLO Provider

  • What Happens
    • We send card and transaction data to Kard to provide the card-linked offers from participating merchants.
    • We send transaction data to Data Prepare to turn into structured data, which is then sent to Data Repository. Data Repository makes structured transaction available to the Data Provider Cleanroom and to be licensed to Data Consumers in Licensor Cleanrooms.
  • Why
    • Card data is sent to Kard to identify eligible offers and rewards for the user.
    • Transaction data is sent to Kard to match user transactions with eligible offers and to redeem the reward.
  • How
    • TIKI CLO Service authenticates with Kard using its internal credentials.
    • The user is identified by the TIKI's internal user id and the transaction information is sent with no cardholder PII. A sample of the sent data can be found in the Kard documentation.
    • Transaction data is structured to be ingested by our Data Repository.
  • Outcome
    • Transactions are ingested by Kard and matched with redeemable offers.
    • Matched transactions yield rewards sent to TIKI, which sends rewards to users.
  • Systems Involved
    • TIKI CLO Service forwards transaction data to Kard and our Data Repository.
    • Kard matches the redeemable CLO and return the reward.
    • The transaction data is saved into the data repository.

Data Repository

  • Structured data is added to our at-rest encrypted Iceberg data repository, where access control is managed by Amazon's Lake Formation.
    • What Happens
      • Structured data is combined and staged for addition to the repository.
      • Combined structured data is bulk-added to repository.
      • Structured data is deleted within 30 days post-processing to allow for troubleshooting and performance optimization.
    • Why
      • To store the structured data securely in a format safely accessible by licensors.
      • To combine the structured data with other Data Providers to create monetizable data.
    • Outcome
      • The structured data is safely stored and encrypted within the repository.
      • The structured data is available to licensors that meet the Data License requirements and obligations.

    Data Provider Cleanroom

    All structured data is added to a secure Data Cleanroom for access by the Data Provider with corresponding receipt ids for traceability. See Accessing Your Data to learn how to securely access and utilize the data. Amazon's Resource Access Manager , IAM, and Lake Formation are used to control and manage secure access to the asset.
    • What Happens
      • Structured data is periodically (daily by default) added to the Data Provider Cleanroom.
    • Why
      • To make accessible to the original Data Provider all processed data from their end users.
    • Outcome
      • The structured data is encrypted at-rest and securely accessible as a Data Cleanroom.

    Licensor Cleanroom

    Using filters data licensors create subsets of the larger data repository, including the structured data, based on their use case(s). All licensed data is de-identified by default, unless otherwise agreed to by the licensor, data provider, and end user. Data license terms are automatically applied by the system ensuring licensors remain in-compliance when sourcing data.
    • What Happens
      • Structured data is combined across users and Data Providers to create monetizable panels.
      • Data that matches the filter and license terms requirements is added to a secure Data Cleanroom.
      • Matching data is periodically updated (daily by default) in the Licensor Cleanroom.
    • Why
      • To ensure licensors only source data required for their use case(s).
      • To ensure licensors only source data compliant with regulations and data license agreements.
      • To provide licensors with secure access to their data assets in a format compatible with modern data tooling.
    • Outcome
      • The licensed data is encrypted at-rest and securely accessible as a Data Cleanroom.