MePIN.com is an authentication and authorization service, enabling the end-users to authenticate themselves to multiple Internet services in a secure manner. A USB peripheral (“MePIN key”) or a client software program, activated by a user and device specific PIN code, is used by end-users to manage their accounts in a centralized but secure manner.
No disclosure of personal data of any kind (such as name, age, location) is necessary to use MePIN.com when the service is only used to manage end-user’s access credentials for Internet services. The end-user’s username and password information related to an Internet service are not stored in MePIN.com although a list of the Internet services accessible by certain MePIN account is stored. When MePIN.com is used in the manner described above, the information concerning MePIN keys or accounts cannot be directly linked to any particular person.
MePIN.com provides end-users an option to store personal data in their MePIN keys and software clients. End-users may store personal data that may be necessary for using some Internet services, for example to verify to an Internet service that the end-user is of a certain age. All personal data disclosed by an end-user is stored permanently only in the end-user’s MePIN key or software client and is disclosed to an Internet service only upon a query from the service and only with an express consent of the end-user for each query separately. Temporary processing of the end-user’s personal data by MePIN.com is necessary when the end-user discloses or edits the personal data stored in the MePIN key or software client, or when end-user data is disclosed to an Internet service. The data is always discarded without delay after being processed and is not stored by MePIN.com in any other place than the end-user’s MePIN key or software client.
An end-user may choose to disclose optional personal data (such as an e-mail address or a phone number) to be used by MePIN.com for the purposes of communication between the end-user and MePIN.com.
Any data concerning the use by a specific end-user of different Internet services via MePIN.com may only be stored in and used by MePIN.com or Meontrust for the purpose of fraud detection or other similar purposes, and to compile an end-user specific trust index which it may provide to third parties upon their request without obtaining a separate consent from the end-user. The trust index is only a technical attribute which cannot be reduced to personal information relating to any private person.
Personal end-user data stored in MePIN.com may be transferred within MePIN.com to any server in any country worldwide. Meontrust always protects any personal data by using adequate data security procedures and technologies. The core principle of MePIN.com is to store all personal data (except of the above mentioned optional contact information) in a decentralized manner into the MePIN keys and/or software clients, which are at the sole possession and control of the end-users themselves. Thus the protection by each end-user of the MePIN key or software client and the associated PIN code is the key aspect of the protection of the personal data stored in MePIN.com. If a MePIN key or a device with MePIN client software is lost by an end-user, the end-user’s personal data may be at risk, and cannot be recovered by Meontrust. It is essential that end-user has a copy of her unlock code, which can be used to revoke and lock lost MePIN key or software client. Meontrust is not responsible for end-users’ data or the authenticity thereof in any way, except that Meontrust undertakes to use adequate data security procedures and technologies during the processing of the end-users’ data. Meontrust shall not be liable for any damages caused by inaccurate end-user data or the loss of any end-user data.
Meontrust shall not use, store or disclose the end-user’s personal data in any other manner than what has been described herein without the consent of the end-user. Any personal data disclosed to MePIN.com that is not automatically destroyed immediately after processing shall be destroyed without undue delay after the end-user finally ceases to use MePIN.com. The end-user is responsible for destroying data stored in the MePIN key or software clients.
An end-user shall hereby expressly consent to the collection and processing of personal data before using MePIN.com. Consent to collect and process personal data may be revoked by the end-user at any time, but use of MePIN.com must be discontinued after such revocation. An end-user may inspect and amend the personal data stored into MePIN.com at any time by using tools provided at MePIN.com web site or by using the contact information below. Please note that Meontrust does not have implicit access to the information stored into the end-users’ MePIN keys or software clients.
Sign up for free at the developer portal and start testing today!