Identity App Assessment
Every identity app undergoes a mandatory assessment before it can be integrated into our platform. The purpose of this assessment is to ensure that the identity app meets our security standards, aligns functionally with our platform, and provides a clear overview of the attributes it supports and the business model behind it. This process helps us maintain a consistent level of trust, interoperability, and transparency across the ecosystem.
Topics
Key topics covered by the assessment include, but are not limited to:
- Cryptography. Verifies whether the cryptographic measures the identity app uses to protect stored data (locally on the device in decentralized identity apps, or in a centralized vault in federated models) align with relevant security standards, such as those defined by NIST and ETSI.
- Ecosystem. Verifies whether the identity app is part of an open or closed ecosystem. This distinction is essential for understanding the app’s interoperability and trust model.
- Data control and data minimisation. Verifies that the customer remains in control of their data, has the ability to share only a limited and relevant set of attributes, and that the user’s privacy is effectively safeguarded.
Regulation and legislation
Regulations and legislation (such as eIDAS2.0 and NIST) are continuously monitored to ensure the assessment stays up to date with the requirements.
Reevaluation
All identity apps are re-assessed on a yearly basis to monitor changes and updates and to ensure each identity app still adheres to our requirements.