This page discusses how My Crypto Profile assures profile configurations.
Users can create multiple profile config files subjective to different data requesters with their clients and submit to MCP. A profile config file describes who is allowed to access which part of the user's profile. All personal data requests should be authorized by user and MCP will filter out unauthorized requests based on user’s profile config files.
An example of a profile configuration
The client will process external data requests from 3rd party dApps. If a request is unauthorized, the client will notify user with an authorization request. Normally a requester will ask for multiple data subjects in one data request, the client will only give the data of the authorized subjects to the requester.