We take privacy, security and compliance extremely seriously.
To keep your information safe, we scramble it with high-level, 256-bit encryption, and then store it in such a way that, in the unlikely event of a system breach, no one would be able to identify you as an individual.
We are ISO27001 certified, which means an independent auditor has inspected our operations and confirmed that we follow a strict set of security guidelines. We get audited for this every year.
In 2019 Yoti became the first age verification provider to be certified under the ‘AV Certificate’ scheme by UK Government’s Age-Verification Regulator. This scheme ensures age-verification providers maintain high standards of privacy and data security.
In 2019 we underwent a SOC 2 Type II examination on our technical and organisational security controls by one of the top four auditing companies, with no exceptions found. The SOC 2 standard is an internationally recognised security standard.
In May 2020, we commissioned an independent assessment which confirmed that Yoti meets the USA’s legal requirements for privacy and security when storing health data (known as ‘HIPAA’, the Health Insurance Portability and Accountability Act of 1996). We will repeat this assessment every year.