Subscribe to wiki
Share wiki
Bookmark
Terminal 3
Terminal 3
Terminal 3 is a Hong Kong-based Web3 data privacy and security infrastructure company that develops solutions for decentralized digital identity (DID) and self-sovereign data management. Its platform is designed to provide users and enterprises with control over digital identities and data through the use of client-side encryption, decentralized storage, and privacy-preserving technologies. [9]
Overview
Terminal 3 (T3) is a data privacy and security infrastructure company that focuses on giving individuals and enterprises control over their data and digital identities. Its platform encrypts user data client-side, manages encryption keys via a decentralized key network, and standardizes and enriches the data for interoperability across Web3 platforms. Data is atomized, re-encrypted, and stored across a decentralized network, with cryptographic commitments recorded on-chain to ensure integrity and immutability. T3 enables privacy-preserving access through zero-knowledge proofs, allowing applications, AI agents, and enterprises to perform actions, segment audiences, and conduct analytics without exposing raw personal information. This supports use cases such as Proof of Humanity, regulatory-compliant verifiable credentials, and secure AI-driven transactions. [2]
Architecture
Data Schema
Terminal 3 uses a standardized user data schema designed for interoperability across platforms and applications. The schema incorporates established frameworks, including ISO codes, IAB audience taxonomy, and GICS classifications, to provide a comprehensive and practical standard that can be widely adopted by enterprises while remaining compatible with existing data standards. [3]
Decentralized Storage
Terminal 3 uses a decentralized storage system based on IPFS to securely store encrypted user data off-chain, enhancing privacy, resilience, and control. Data is content-addressed and atomized into 256 KB chunks linked via a Merkle DAG using IPLD, ensuring verifiable integrity and efficient retrieval from multiple nodes. Persisted chunks are pinned on IPFS nodes to maintain availability, with retrieval involving content routing, block fetching, and hash verification. For regulatory compliance, Terminal 3 supports the deployment of regional node clusters to ensure data remains within specific jurisdictions when required. [4]
Data Warehouse
Terminal 3’s Encrypted Data Warehouse provides secure storage for queryable, non-personally identifiable information (PII) data, enabling efficient processing while keeping all data encrypted and inaccessible, even to internal teams. It uses Structured Encryption (STE), a symmetric-key scheme that allows rapid sub-linear search queries and dynamic updates without revealing data or query contents beyond the scheme’s defined leakage profile. STE ensures fast response times proportional to query size, avoids the leakage issues of deterministic or order-preserving encryption, and is more efficient than homomorphic encryption, allowing the warehouse to balance high performance with strict data confidentiality. [5]
Query Engine
Terminal 3’s Query Engine acts as an intermediary between clients and the encrypted data warehouse, transforming incoming queries into formats that can be efficiently executed while maintaining verifiable results. It decomposes complex queries into simpler sub-queries, optimizes execution plans, and translates external data representations into internal formats, such as converting age-based filters into date-of-birth comparisons. The engine also incorporates a Query Cache that stores salted hashes of recent queries and their results, enabling faster responses for repeated queries while ensuring data freshness and consistency. [6]
Products
T3 Oracle
T3 Oracle is a decentralized identity platform that creates self-sovereign user profiles, intended to serve as a universal source of truth for digital identity. It allows applications to query user data and issue verifiable credentials using zero-knowledge proofs, ensuring that the user's raw data is not exposed. The system is designed to support interoperable and composable identity records that remain under the user's control. [10]
T3 Identity
T3 Identity is a full-stack digital identity management solution that enables self-sovereign control over personal data while providing enterprises with privacy-preserving ways to verify and engage with users. It integrates onboarding and authentication, data transformation, decentralized identifiers (DIDs), and verifiable credentials (VCs), as well as atomized decentralized storage and privacy-focused audience segmentation and messaging, allowing for the secure management, verification, and use of identity data without exposing sensitive information. [11]
T3 Verify
T3 Verify is an enterprise-grade Know Your Customer (KYC) and Anti-Money Laundering (AML) solution built for regulatory compliance. It provides real-time identity and liveness verification for users in over 190 countries and issues reusable VCs to reduce onboarding friction for subsequent services. Sensitive KYC data is stored in decentralized "regulatory vaults" to comply with record-keeping requirements, while other PII remains in "self-sovereign vaults" controlled by the user. The product offers customizable compliance policies and audit-ready reporting. [12]
Auth & Onboard
Terminal 3 offers a decentralized platform for user authentication and onboarding, providing modular and customizable workflows that minimize friction and enhance conversion rates. Authentication options include Web3 wallets, email, social logins, and passkeys, with passwordless methods supported. Users can define the data fields to collect, verify email addresses to reduce bots, and localize the experience. Terminal 3 supports both hosted, white-labeled onboarding flows and embedded, self-hosted flows. Upon account creation, each user receives a Decentralized Identifier (DID) and maintains self-sovereign control over their data. Wallet-based onboarding involves connecting a Web3 wallet, encrypting data client-side with threshold encryption, and storing it on a decentralized network. Email-based onboarding generates a custodial Web3 wallet linked to the user’s email, using one-time codes for verification and encryption key management. [13]
Segments
Segments is a privacy-preserving audience analysis tool that allows enterprises to generate insights from user data without compromising individual privacy. Businesses can create targeted user segments by filtering data based on multiple conditions, such as age or location. The tool supports various aggregation functions, including count, sum, mean, min/max, and median. Each query result is accompanied by a cryptographic proof that verifies its accuracy. The system includes safeguards to prevent overly specific queries that could potentially de-anonymize users. [14]
Partnerships
- Animoca Brands
- Berabucks
- Hedera
- HelpBNK
- Humanity Protocol
- IDA
- Monad
- Open Campus
- Soneium
- Varmeta
- W3H
See something wrong?