Security and data handling

Idfy's services are delivered as Software-as-a-Service (SaaS). Provding best-in-class security and service levels are top priorities for us. We go to great lengths to ensure that our services have fail-overs and that our systems are penetration tested.

With us you have the opportunity of consuming our services using dedicated instances in Norwegian data centers. This means you are protected by some of the world’s most rigorous privacy and data protection laws. Or, if you prefer a different setup, we can provide our services using leading cloud providers such as Microsoft Azure and Amazon Web Services.

In addition, we use the industry’s leading hardware security modules (HSMs) to protect transactions, identities, and applications. HSMs excel at securing cryptographic keys and provisioning encryption, decryption, authentication, and digital signing services for a wide range of applications.

We have dedicated HSMs in a redundant setup. Our a data center is ISO27001/PCI DSS certified, meaning it is «payment card industry data security standard» compliant



Police certificates

According to Norwegian regulations on processing of police and prosecution information (police registry regulations), extensive and extended police certificates may be issued to persons who are to be employed in activities that safeguard archive management and information security systems for public and private entities when necessary for safety reasons.

Idfy employees working with or in relation to our core information systems are required to provide valid police certificates before and/or during the time of employment.

You can read more about police certificates here.

Do you have questions about our data center or security policies?