Skip to main content



Security is at the heart of what we do—helping our customers securely manage access to any organization asset.


Security is fundamental to us. SOC2 compliance, periodic third-party penetration testing exercises, modern state of the art cryptography - we do things the right way.

We know first hand that poor authentication security leads to account theft, data breaches, monetary losses, loss of trust, and reputation damage. What is more, a poor user experience related to authentication inevitably leads to suboptimal behavior and bad practices, which cause security incidents. Therefore, our primary goal is to make idemeum's Passwordless MFA secure without sacrificing user experience.


Compliance Status
SOC2 Type 1 May 2022
SOC2 Type 2 October 2022

Penetration testing

All areas of the idemeum product and cloud infrastructure are in-scope for periodic penetration testing exercises, and source code is fully available to the testers in order to maximize the effectiveness and coverage.

Auditor Date Status
Cure53 May 2022 Completed

Report a security incident

To make a security vulnerability report, fill out the form. Share as many details as possible, including steps to reproduce. We are deeply grateful to researchers who report issues so that we can address them immediately.