Overview
Security is at the heart of what we do—helping our customers securely manage access to any organization asset.
Overview
Security is fundamental to us. SOC2 compliance, periodic third-party penetration testing exercises, modern state of the art cryptography - we do things the right way.
We know first hand that poor authentication security leads to account theft, data breaches, monetary losses, loss of trust, and reputation damage. What is more, a poor user experience related to authentication inevitably leads to suboptimal behavior and bad practices, which cause security incidents. Therefore, our primary goal is to make idemeum's Passwordless MFA secure without sacrificing user experience.
Compliance
| Compliance | Status |
|---|---|
| SOC2 Type 1 | May 2022 |
| SOC2 Type 2 | October 2022 |
Penetration testing
All areas of the idemeum product and cloud infrastructure are in-scope for periodic penetration testing exercises, and source code is fully available to the testers in order to maximize the effectiveness and coverage.
| Auditor | Date | Status |
|---|---|---|
| Cure53 | May 2022 | Completed |
Report a security incident
To make a security vulnerability report, fill out the form. Share as many details as possible, including steps to reproduce. We are deeply grateful to researchers who report issues so that we can address them immediately.