Socure, a provider of predictive analytics for digital identity verification, has achieved compliance certification for three ISO/IEC 27000 standards.
The standards are related to the privacy, confidentiality, and security controls of its ID+ system and service. These internationally recognised standards help organisations keep information assets including personally identifiable information (PII) about consumers — secure, private, and confidential within a cloud-based environment.
Its certification was issued by A-lign, an independent and accredited certification body, following the successful completion of a formal audit that verified Socure’s process and controls meet the requirements of ISO 27001, 27017 and 27018. Socure also completed its annual re-attestation of its SOC 2 type 2 report with an expanded scope that now includes privacy and security controls.
Tom Thimot, CEO of Socure, said: “Data privacy, security, and integrity are essential for our customers, but also for consumers. In an industry that relies on trust, the latest ISO certifications and SOC 2 type 2 report provides our prospects, customers, and their customers the confidence of knowing that Socure adheres to international Trust Services Principles standards for security and confidentiality.”
The ISO certifications also overlap the tenets laid out in the forthcoming General Data Protection Regulation (GDPR) requirements for EU citizens. Source said recent updates to its privacy policy these considerations for GDPR, as well as several other modifications
Socure has developed a patented, predictive analytics platform called ID+ that verifies whether digital identities are authentic, synthetic, or stolen. The company’s platform applies artificial intelligence and machine learning to trusted online/offline sources including email, phone, address, IP address, social media and traditional GLBA/DPPA data to authenticate identities in real-time. The Socure ID+ claims to reduce fraud by up to 90 percent, lowers manual review/knowledge-based authentication (KBA) rates by as much as 80 percent, and automates Customer Identification Program (CIP), Know Your Customer (KYC) and anti-money laundering (AML) compliance initiatives.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst
