Is Ondato Safe?

At Ondato, our highest priority is security. This is paramount to our mission and we’re pushing to provide the technologies that make the internet safe to use. Thus, we’re pushing to provide the technologies that would be, first and foremost, safe to use. The data servers and information infrastructures are protected with 24/7 monitoring.

Trusted KYC and AML provider in the EU (ETSI, eIDAS compliance)

Trusted KYC and AML provider in the EU (ETSI, eIDAS compliance)

Ondato is compliant with the Electronic Identification, Authentication and Trust Services (eIDAS) regulation and meets ETSI technical standards, making us a trusted provider and allowing us to work with regulated businesses in the European Union.

International standard (ISO/IEC 27001:2013)

International standard (ISO/IEC 27001:2013)

ISO/IEC 27001:2013 is a standard that specifies security management best practices. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS). It defines how Ondato perpetually manages security in a holistic, comprehensive manner. This widely-recognized international security standard specifies that Ondato:

  • Systematically evaluates information security risks, taking into account the impact of threats and vulnerabilities.
  • Designs and implements a comprehensive suite of information security controls and other forms of risk management to address customer and architecture security risks.
  • Has an overarching management process to ensure that the information security controls meet our and our clients’ needs on an ongoing basis.

Technology that assures the protection of children

Technology that assures the protection of children

Ondato is suitable for strict legal environments. Our biometric authentication and identity verification system is certified by KJM – Germany’s Commission for the Protection of Minors in the Media. After carefully assessing our technology, KJM verified that it fulfills all legal and technical age verification requirements. Adult media providers operating in Germany can be certain that our solution works well in ensuring age-appropriate access.

Only certified technologies

Only certified technologies

We use only certified third-party technologies that meet the highest standards. Facial recognition technology that we use is operating a $ 100,000 Spoof Bounty Program and passing NIST Level 1 & 2 PAD testing with 0% FAR – and this is the proof that technology is an unsharable, unphishable biometric that is virtually impossible for criminals to fool using today’s media technology.

Personal data

Personal data

Ondato operates in multiple jurisdictions and compliance with local laws and regulations. Privacy and Security are interwoven by design in Ondato solutions. Secure development principles and aspects are defined and integrated into the company’s development processes.

All sensitive information is protected at rest and in transit.

General Data Protection Regulation (GDPR) is a directive coined by EU legislation that sets forth guidelines regarding how information is to be collected and processed. Ondato follows GDPR’s rules to protect your integrity.