We take the security of our systems seriously and our priority is to pay close attention to data security. Our trusted services are delivered in line with best regulatory practice requirements.
We are trusted by hundreds of large companies around the world, including banks whose security requirements for KYC, AML, CFT we meet.
The data servers and information infrastructures are protected with 24/7 monitoring.
International standard (ISO/IEC 27001:2013)
ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS). It defines how Ondato perpetually manages security in a holistic, comprehensive manner. This widely-recognized international security standard specifies that Ondato does the following:
Ondato operates in multiple jurisdictions and compliance with local laws and regulations. Privacy and Security are interwoven by design in Ondato solutions. Secure development principles and aspects are defined and integrated into the company’s development processes.
All sensitive information is protected at rest and in transit.
General Data Protection Regulation (GDPR) is a directive coined by EU legislation that sets forth guidelines regarding how information is to be collected and processed. Ondato follows GDPR’s rules to protect your integrity.
Only certified technologies
We use only certified third-party technologies that meet the highest standards. Facial recognition technology that we use is operating a $ 100,000 Spoof Bounty Program and passing NIST Level 1 & 2 PAD testing with 0% FAR – and this is the proof that technology is an unsharable, unphishable biometric that is virtually impossible for criminals to fool using today’s media technology.