Updated @May 4, 2022
The Consent Flow is divided into three discrete stages: Consent; Authenticate; and Authorise.
About the Consent Flow
While the CX Guidelines are focused on The Consent Model (Consent, Authenticate and Authorise, and Consent Management), the CX research highlighted the importance of the pre-consent and post-consent stages.
Pre-Consent
Data recipient space
Consumer engages with an ADR's value proposition and learns about CDR. Pre-consent is the stage prior to the actual request for consent, which is critical for building consumer trust, confidence, and for articulating the benefits of data sharing.
Consent
Data recipient space
Consumer decides whether or not to consent to the collection and use of their data after reviewing the terms of the consent, such as:
- who is requesting their data;
- what data is being requested;
- when the data will be shared;
- where data is shared to and from;
- why their data is being requested; and
- how they can manage and control the sharing and use of their data
Authenticate
Data holder space
Consumer verifies who they are to their data holder
Authorise
Data holder space
Consumer:
- selects the accounts they would like to share data from;
- reviews a summary of the data that will be shared; and
- authorises the sharing of that data from the data holder to the data recipient
Post-Consent
Data recipient space Data holder space
Consumer is presented with the outcomes of data sharing. Post-consent is the stage immediately following a authorisation, where the ADR provides the outcome of data sharing and is able to close feedback loops.
See 'Consent Management' CX Guidelines and example wireframes
Example prototype
Quick links to CX Guidelines:
→ cx@consumerdatastandards.gov.au → cx.cds.gov.au | cds.gov.au
