In X-Road, data is always exchanged directly between a service consumer and a service provider. The X-Road architecture doesn't include a centralised message broker or a data intermediary and therefore, third-parties don't have access to the data. The service provider is always in full control of who's allowed to access its data and services.

A data transaction between a service consumer and a service provider consists of the following steps:

• The service consumer information system initiates a data transaction by sending a request to the service consumer Security Server.

• The service consumer Security Server signs and logs the request and routes it to the service provider Security Server.

• The service provider Security Server verifies and logs the request and forwards it to the service provider information system.

• The information system processes the request and returns a response to the service provider Security Server.

• The service provider Security Server signs and logs the response and forwards it to the service consumer Security Server.

• The service consumer Security Server verifies and logs the response and forwards it to the service consumer information system.

• The service consumer information processes the response.

If any of the verification steps fail, the data transaction is terminated and an error message is returned to the consumer information system.

The Central Server and trust services do not have an active role in the data exchange process. Instead, the Security Server uses their services asynchronously in the background. Thanks to this, an X-Road ecosystem can remain operational for a long period of time (from hours to days depending on the configuration) without the Central Server and trust services being available. More information about the fault tolerance of an X-Road ecosystem is available here.