General Architecture:

> Proxy-server based architecture allows for structured access through the mds API

> Proxy resides outside the Mobile Operator domain and functions as a gateway into the API/processing server which resides within the mobile operator’s secure area

> Processing server acts as an appliance that restricts unauthorized access to any part of the server or exposes any data by the Mobile Operator, mds, or 3rd party users

> mds API limits customer access to the processing server by allowing only input query streams and anonymized data output



> Customers have access to the mds API only and not the unstructured data
> All query results are automatically anonymized for immediate privacy compliance
> Anonymization algorithms apply a minimum standard of SHA-3 data hashing mechanisms to the query results prior to entering the mds API, further assuring that all output from the mds platform will be anonymized
> At no point does any customer nor network element outside the Mobile Operator’s secure network have access to data that can uniquely identify a subscriber