Veridas has recently obtained the Certificate of Conformity of the National Security Scheme, issued by Bureau Veritas Certification, which audits the information systems that support the digital identity verification service offered by Veridas in all its phases.
The National Security Scheme (ENS) establishes the security policy for the use of electronic media and the basic principles and minimum requirements for the adequate protection of information. The ENS, which was initially designed for the Spanish Electronic Administration, has already been adopted by many private entities supplying Public Administrations. This system adds a greater detail and requirement for implementing and maintaining an information security system to that already required by ISO 27001, a standard that we already comply with at Veridas.
Assurance of commitment to compliance
Veridas: fiabilidad y seguridad
Veridas was born in 2017 with the utmost commitment to quality, reliability, regulation, and compliance.
That is why we submit our technologies to the highest international standards, such as NIST (National Institute of Standards and Technology) for facial and voice biometric verification. Likewise, we are ISO 30107 iBeta level 1PAD certified for proof-of-life verification. In addition, at Veridas, we evaluate our technological solutions and comply with the SEPBLAC requirements and the CCN-STIC-140 Guide (within the requirements of the eIDAS Regulation), as accredited by Dekra Testing & Certification.
At Veridas, we have obtained the ISO 27001 certificates in information security systems in terms of information security. We have now added the certificate of compliance with the National Security Scheme (ENS). In addition, we comply with current data protection regulations, such as the European General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the regulations of the different countries in which our customers and partners operate. In this sense, from Veridas, we have conducted a data protection impact assessment of our technology (EIPD or DPIA) through an independent third party.