ONE Record isn't "open data" - it has robust security. The data owner controls who sees what.
Three Pillars of Security:
-
Identity & Authentication
- Each company has a ONE Record certificate
- Accredited through IATA process
- Verifiable digital identity
- No anonymous access
-
Authorization
- Data owner sets permissions per object
- Granular access control (read, write, subscribe)
- Can revoke access anytime
- Different levels for different parties
-
Secure Transport
- OAuth 2.0 / OpenID Connect
- Mutual TLS (mTLS) between servers
- Encrypted in transit
- Audit logs of all access
Privacy by Design:
- You own your data
- You control who accesses it
- You decide how long it's shared
- You can see who accessed what
Trust Network:
ONE Record creates a "Trust Network" where:
- Companies verify each other
- Certificates prove identity
- Data sharing is consensual
- Bad actors can be excluded
Access Control Examples:
| Party | Sees | Doesn't See |
|---|---|---|
| Customer | Tracking status, ETA | Your margins, cost breakdown |
| Airline | Piece weight, DG info | Commercial value, customer details |
| Customs | Required declarations | Internal notes, pricing |
| Handler | Handling instructions | Customer payment info |
For OnFlyGo:
When you use OnFlyGo for OBC:
- Your customer sees their shipment status
- Airlines see flight manifest info
- Customs gets required declarations
- But nobody sees data they shouldn't
All controlled through ONE Record's permission system.