We take privacy, security and compliance extremely seriously.
To keep your information safe, we scramble it with high-level, 256-bit encryption. We then store your information in such a way that no one would be able to use your data to identify you if there was a system breach.
Every year, we let external auditors assess us under several internationally recognised schemes. These include:
We are ISO27001 certified. This means that an independent auditor has confirmed that we follow a strict set of security guidelines. In 2019, Yoti became the first age verification provider certified under the ‘AV Certificate’ scheme. This scheme ensured age-verification providers maintained high standards of privacy and data security.
- Since 2018, we have undergone an annual SOC 2 examination on our security controls. The SOC 2 standard is an internationally recognised security standard.
- In May 2020, we commissioned an independent assessment to confirm that Yoti meets the USA’s legal requirements for privacy and security when storing health data (known as ‘HIPAA’, the Health Insurance Portability and Accountability Act of 1996).