Intellicheck, OCR Labs, and Privately each pass security, privacy evaluations

Several companies in the identity and biometrics space have announced new certifications to demonstrate their commitment to privacy and security standards.

U.S. digital identity company Intellicheck has obtained ISO/IEC 27001:2013 and ISO/IEC 27001:2019 certifications for their information security management systems.

Compliance with ISO/IEC 27001:2013 means Intellicheck satisfies international information security management systems standards. In other words, it attests that the company’s risk management process is sufficient for managing and protecting sensitive information.

The ISO/IEC 27001:2019, on the other hand, is an extension to ISO/IEC 27001 (and ISO/IEC 27002) and focuses on the management of private information. The certification provides a framework to manage and protect personally identifiable information (PII) within an organization’s information security management system (ISMS).

“Meeting our customers’ needs with cutting-edge technology solutions that reflect the highest standards of information security and privacy has always been our priority,” comments Intellicheck CEO Bryan Lewis.

“These certifications attest to the rigorous criteria we have in place for our systems and controls, reinforcing for our current clients, prospects, and business partners that we are a world-class company committed to excellence.”

The ISO certifications come days after Intellicheck announced complying with the European Union’s General Data Protection Regulation (GDPR) requirements.

OCR Labs compliance for biometric liveness detection confirmed

The next company on our list is Australian company  OCR Labs, which recently achieved compliance with the ISO 30107-3 Presentation Attack Detection (PAD) standard as well as NIST SP 800-63 Digital Identity Guidelines.

The first of these certifications reassessed OCR Labs’ biometric liveness detection capabilities. Led by NIST-accredited company BixeLab, the completed ISO 30107-3 tests were necessary for OCR Labs to keep conforming to Australia’s Trusted Digital Identity Framework (TDIF) standards.

As for the NIST SP 800-63 guidelines, they aim to set a globally recognized standard for governments-focussed digital identity suppliers. After the assessment, OCR Labs reported achieving compliance with the standard to an Identity Assurance Level 2 (IAL2) – the highest level of assurance for a remote identity provider.

“These additional certifications demonstrate our continued excellence in producing world-leading identity verification technology,” comments Terry Brenner, head of legal, risk & compliance for OCR Labs Global, North America.

“Not only [they] demonstrate a dedication to security and privacy but also help build trust with customers and stakeholders by providing assurance that their sensitive information is being protected by rigorous standards.”

The certifications follow the disclosure of a vulnerability which was patched by OCR Labs before any data was lost, according to the company.

Privately gets UK GDPR Certification

Switzerland-based company Privately has achieved a Certificate of Conformity for meeting the Age Check Certification Schemes (ACCS) 2:2021 Technical Requirements for Data Protection and Privacy.

The specification, approved by the UK Information Commissioner’s Office (ICO), highlights specific data processing requirements for activities related to the processing of personal data when undertaking age check practices.

“[The certification] makes us the only software-age-assurance company […] to have such a certification and is a testimony to our privacy-preserving technologies,” Privately CEO Deepak Tewari tells Biometric Update via email.

Tewari clarified that the age assurance solution from cash handling equipment and solutions firm Innovative Technologies, which was certified in March 2022 to GDPR standards, differs from Privately’s software in that it uses specialized dedicated hardware.

Privately has also recently become the first firm to be certified for voice biometrics for age estimation in the UK.

Article Topics

Age Check Certification Scheme (ACCS)  |  biometrics  |  certification  |  IAL2  |  identity assurance  |  Intellicheck  |  ISO standards  |  OCR Labs  |  Privately