Another important milestone proving our dedication to maintaining the highest security standards.
We’re pleased to announce that SEON successfully received its ISO 27001 certification!
Like other ISO standards, ISO 27001 is only optional in fraud tech. At SEON, however, we believe all our clients, partners and investors should trust that we are dedicated to meeting the best security standards.
Thorough Auditing and Internal Preparation
After 3 months of preparation, pen-testing and review by Deloitte, we were audited by Eurocert Ltd., who confirmed that our efforts met the high ISO standards. The audit, which took place in two phases, looked both at our documentation and company management, before comparing them with our live operations.
The certification, therefore, confirms that we operate SEON to the highest security standards for IT security, asset management and human resource security, amongst others.
The controls were divided into a number of points:
- A.5: Information security policies (2 controls)
- A.6: Organization of information security (7 controls)
- A.7: Human resource security (6 controls that are applied before, during, or after employment)
- A.8: Asset management (10 controls)
- A.9: Access control (14 controls)
- A.10: Cryptography (2 controls)
- A.11: Physical and environmental security (15 controls)
- A.12: Operations security (14 controls)
- A.13: Communications security (7 controls)
- A.14: System acquisition, development and maintenance (13 controls)
- A.15: Supplier relationships (5 controls)
- A.16: Information security incident management (7 controls)
- A.17: Information security aspects of business continuity management (4 controls)
- A.18: Compliance with internal requirements, such as policies, and with external requirements, such as laws (8 controls)
Part of Our Larger Commitment to Safer Risk Prevention
As a fraud prevention company, we help companies reduce risk, which is why we cannot be a weak point in their chain of data analysis. This new ISO 27001 certification proves that we operate with the best practices when it comes to safeguarding sensitive company information and business data.
It is also why, at SEON, we ensure that we meet GDPR requirements, as well as satisfy the demands for SCA (strong customer authentication) as part of the PSD2 directive.
Above all, we want to establish transparency and communication between ourselves and clients, whether it’s by being as open as possible about how our products work, or our company policies.
ISO Certification vs Data Center Compliance
“Not all fraud tech companies meet the ISO 27001 standard, yet still use the name for marketing purposes.”
Another reason we wanted a certification from the International Organization for Standardization was to highlight the fact that not all fraud tech companies meet its standards, yet still use the name for marketing purposes.
This is done by advertising data centers as compliant, which puts the burden of security management on third-party companies. Data center compliance with ISO standards is important, but it does not mean data is safe when processed by the fraud company.
Building a Safer Future with SEON Products
This ISO 27001 certification is yet another piece of good news for our company, which has grown revenue by 200% in one year, doubled its client base, and raised €1M in seed capital.
Above all, we wanted to take this opportunity to thank all our clients, investors and partners for trusting in us.
We’re tremendously excited to continue growing along with you in the future, always ensuring that both your risk prevention tool and company are in the safest hands possible.