Check our credentials.
Your trustworthy partner for data security and compliance.
AuthenticID is committed to upholding strong information security policies and data privacy practices throughout all aspects of our business operations. We’ve completed data security and risk management certifications to attest our commitment and provide trust to our clients.
Intensely vetted personnel.
Every AuthenticID staff member is required to go through extensive background checks, drug testing and regular security training. Security Awareness Training includes obligations related to information classification and handling, password security, virus protection, email hoaxes, desktop security, information security and social engineering.
Continuous vetting and training are pursued to maintain operational security while keeping developers in line with secure coding practices.
Certifications and compliance.
AuthenticID has achieved SOC2 certification to assure that critical service commitments and system requirements are in place to manage and protect client data.
Our ISO/IEC 27001 certification shows that AuthenticID meets the highest international standards for risk management by implementing, maintaining, and continually improving its information security management systems.
User account security measures.
Security Environment Roles
To minimize risk, access to production services and customer data is limited via controlled interfaces within specifically trained roles and responsibilities of AuthenticID personnel. Customer environment PII access is tightly controlled, monitored and audited both digitally and physically.
Operational Access Control
Strict NIST-driven password policies and multi-factor authentication methods (MFA) are required for all production services and system access. User permission segregation, hierarchy, and unique credentials are required for all PII access to achieve full customer environment data separation at all times.
All data is encrypted in every AuthenticID use case. Our secure network connections are encrypted with TLS v1.2 or higher for application API communication, user web portal access, system maintenance and logging platforms. AES-256 and RSA-2048 are used to provide trusted encryption methods.
AuthenticID incorporates governance and change-management traits into the core functions of our engineering discipline. To ensure that customers experience consistent and repeatable operations, we practice peer code reviews, conduct regular code audits, implement change control, and facilitate unit testing, system integration testing, and penetration testing.