Skip to main content

Privacy-Preserving Authorization

Traditional authorization systems typically require:
  • User identification (names, emails, IDs)
  • Centralized databases storing user information
  • Trust in service providers to protect data
  • Exposure of personal information during access checks
Naba’s gated access system works differently:

How It Works

  1. User authenticates with UAE Pass (off-chain, private)
  2. System generates a zero-knowledge proof of verified identity
  3. Proof is submitted to verify eligibility (no identity data included)
  4. Access is granted or denied based on proof verification

What Stays Private

  • User’s name and personal identifiers
  • Government ID numbers
  • Biometric information
  • Location data
  • Any other personal information

What Is Proven

  • User has completed UAE Pass verification
  • User meets eligibility criteria for the resource
  • User is authorized according to access policies
  • Access request is legitimate and not fraudulent
This model provides privacy-preserving access control where users can access protected resources without exposing their identity.