About us Partners Compliance Careers Contact us

Trusted technology,
certified technology

Technological certifications


National Institute of Standards and Technology (NIST)


Veridas has been submitting its technologies to NIST evaluations since 2018 and continues to do so with the firm belief that constant scrutiny is the only way to maintain its position as a world leader in the biometric solutions market.

We are the only company in the world to be present at the NIST 1:1 and 1:N assessments in facial, and voice recognition (1:1)

The U.S. National Institute of Standards and Technology (NIST) is the world’s most trusted institution for biometric solutions. (NIST) is the most relevant institution in the standardization of biometric technologies. NIST conducts periodic evaluations of biometric engines submitted by different vendors to assess and provide unbiased rates of accuracy and performance in different environments. 

NIST participation is entirely free and open to any vendor or institution.

Veridas - Centro Criptologico Nacional

CCN-STIC-140 Guide (Annex F11)


Veridas has submitted its video identification tool to the evaluation of Dekra Testing & Certification, as a specialized laboratory and conformity assessment body, and the accredited entity concluded that the solution meets all the minimum security requirements set out in Annex F.11 of the ICT Security Guide CCN-STIC-140, of the National Cryptologic Center of High category.

This requirement must be met by the tools used by trusted electronic service providers (QTSPs) when they wish to use non-face-to-face identification methods for those requesting qualified electronic certificates. The Order ETD/465/2021, of May 6, which regulates the processes of remote identification by video for the issuance of qualified electronic certificates, in development of Law 6/2020, of November 11, enabled them to perform this procedure straightforwardly, seeking to bring qualified electronic certificates closer to all citizens without losing guarantees of reliability, security, and privacy.

Veridas - SEPBLAC

SEPBLAC Authorizations


Dekra Testing & Certification has evaluated Veridas’ video-call and video-identification systems based on the requirements established in the authorizations issued by SEPBLAC (Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offenses), concluding that its technologies allow the implementation of a procedure following the requirements of these circulars and that they can accredit a level of security in terms of reliability equivalent to physical presence.

Regulatory compliance

ISO 30107-3 iBeta


Veridas is compliant with ISO 30107-3 from iBeta. This confirms that the liveness detection and facial biometric identity verification technology has successfully passed all the demanding requirements regarding attacks in verifying individuals’ identities.

ISO/IEC 30107 refers to the detection of presentation attacks or, in other words, the detection of attempts to impersonate or deceive the system. For this purpose, Veridas solutions have active and passive anti-spoofing mechanisms (depending on whether or not they require user action).

All Veridas systems include anti-spoofing fraud prevention techniques. In addition, Veridas’ facial recognition system (das-Face) is compliant with iBETA ISO/IEC 30107-3 Levels 1 & 2.

Veridas - SEPBLAC

Technology for money-laundering prevention


Veridas has technological solutions that allow regulated entities to implement these customer identification procedures non-face-to-face using video-call and video identification.

Due diligence obligations aim to identify and get to know those individuals or legal entities that intend to establish business relationships with regulated entities.

Article 21.1.d) of the Regulation of Law 10/2010, of April 28, approved by Royal Decree 304/2014, of May 5, provides that obliged entities may establish business relations or execute transactions by telephone, electronic or telematic means with clients who are not physically present when the identity of the client is accredited by the use of secure client identification procedures in non-face-to-face transactions, provided that such methods have been previously authorized by SEPBLAC.

CNBV (National Banking and Securities Commission)


Veridas offers digital identity verification solutions with its certified products that allow financial institutions to comply with regulatory requirements.

The Mexican National Banking and Securities Commission is in charge of issuing the applicable regulation, among others, on the prevention of money laundering, which requires the verification of the identity of service applicants in different types of banking institutions.

Ministerial Order ETD/465/2021


The eIDAS Regulation requires the verification of the identity of applicants for qualified electronic certificates, something that, thanks to Law 6/2020 of November 11, can be done in Spain in a non-presential manner. Order ETD/465/2021, of May 6, regulates how this non-presential identification must be carried out, which, among other measures, includes the requirement to verify the authenticity and validity of the identity document, as well as its correspondence with the certificate applicant, through facial recognition technologies (using biometric engines evaluated by the NIST), and to verify that it is a live person who is not being impersonated.

Veridas offers certified technology based on these requirements and assists Trusted Electronic Service Providers (QTSPs) in complying with Order ETD/465/2021.

Data protection


General Data Protection Regulation


The General Data Protection Regulation (GDPR) is the European regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

The GDPR includes a series of principles and requirements that determine the correct processing of personal data, leading to the establishment of multiple policies, procedures, and good practice guidelines that Veridas has implemented and reinforced by its certifications in information security.

Veridas - Pacto Digital AEPD

Digital Pact Spanish Data Protection Agency


The Spanish Data Protection Agency (AEPD) presented, at the beginning of 2021, a project to try to prevent and combat the different situations of digital violence that occur on the Internet. Its objective is twofold: on the one hand, to publicize the good practices to be carried out by society as a whole in order to build a healthy digital environment, and on the other, it is also intended to publicize the specific mechanism they have developed to try to remove certain sexual or violent content from the network: the Priority Channel.

Adherence to this Pact implies a public commitment, already reiterated on numerous occasions by Veridas, to comply with certain standards in terms of Data Protection, while at the same time allowing us to actively collaborate in the creation of a freer and safer Internet.

California Consumer Privacy Act

California Consumer Privacy Act (CCPA)


The California Consumer Privacy Act (CCPA) is a privacy law that regulates any business that may process the personal information of California residents, so in practice, it can affect companies anywhere in the U.S. or the world.

Veridas complies with the requirements set forth by the CCPA, which is strengthened by the data processing policies that Veridas applies in the provision of its services (controller control of how data is processed, no storage of personal data, etc.).

Veridas - INAI - Protección de Datos México

Personal data protection in Mexico


Veridas complies with the requirements established by the Mexican regulation, partially thanks to its similarity with European data protection regulations regarding the rights of data subjects and the obligations of data controllers and data processors.

The framework for the protection of personal data in Mexico is composed of several regulations, among which we can highlight the Federal Law for the Protection of Personal Data in Possession of Private Parties (LFPDPPP) and its Regulation.

Veridas - SIC Colombia

Personal data protection in Colombia


Veridas has established security measures and privacy by default and by design principles, and complies with the obligations established for data processors, which are always regulated in a contract with its clients.

In Colombia, personal data protection is regulated by Law 1581 of 2012 and various decrees, developing the principles established by the Constitution.

Compliance with previous regulations enables our solutions to comply with other national and international data protection regulations.

Information Security

ISO 27001


ISO 27001 is the highest international standard for implementing, maintaining, and improving information security management systems (ISMS).

Veridas has obtained this ISO 27001 standard certification by having a complete information security management system in continuous improvement. The scope of this certification covers all activities and services offered by Veridas.

Esquema Nacional de Seguridad

National Security Scheme


Veridas has obtained the certification in the National Security Scheme, with a scope that covers all the activities and services offered by Veridas.

The National Security Scheme (ENS), initially designed for the Spanish Electronic Administration and now also applied to all service providers to public entities, establishes the security policy in the use of electronic media and the basic principles and minimum requirements for adequate protection of information. 

Subscribe to our newsletter

Request a demo