Security

Evidos is a market leader in the field of electronic signatures and electronic identification. Ondertekenen.nl and Signhost.com are solutions that are supplied by Evidos. The security of information is imperative to Evidos. For example, we make every conceivable effort to prevent unauthorised access to our clients’ confidential information , and to ensure that it is correct and available whenever required. Therefore, Evidos takes a proactive approach to keeping its systems secure.

The method that is used for electronic signatures must be reliable and secure. We guard the quality and reliability of our services 24/7. The security of our services satisfies the industry’s most stringent standards at every level. We are the partner you can trust when it comes to having documents, such as PDF files, signed electronically. Furthermore, Evidos ensures that its procedures and processes are drawn up and designed in accordance with commonly accepted standards (good practices), such as ISO 27001 and COBIT.

Evidos’ Certifications and Accreditations

Evidos holds the following certifications and accreditations:

dekra

ISO/IEC 27001

Evidos wants to demonstrate to clients that it has information security under control, which is why, since March 2017, we have been in compliance with the conditions provided for under ISO/IEC 27001: the de facto standard for information security.

To provide, develop, maintain and support a cloud signing and authentication service.

DEKRA Certification carries out an annual check to establish whether we still meet the criteria, and a full ISO audit is conducted once every three years.

Click here for the certificate.

SOC2

Evidos is compliant to the SOC 2 requirements. This statement garantuees customers the high service level of product development and Signhost.com. SOC 2 refers to the infrastructure, software, procedures, people and data of an online service provider and what requirements are needed to meet the highest international standards. Hereby both foreign as domestic organisations know what to expect.

soc2
logius

Third-Party Statement (TPM) for DigiD

Logius requires an annual report on the ICT security assessment of DigiD. That audit is conducted by a registered EDP auditor (RE auditor) of an independent certified party, which will draw up a Third-Party Statement (TPM) following the audit.

Evidos issues the TPM to its clients who use DigiD every year.

iDIN – Digital Identity Service Provider (DISP)

Evidos is Digital Identity Service Provider (DISP) for iDIN. The Dutch Payments Association has officially certified Evidos to help companies use iDIN on their own website. As a DISP, Evidos is allowed to provide iDIN services directly to “acceptors” without the intervention of a bank. These can be web shops or government services that use iDIN to identify a user or to allow a customer to log in.