Sumsub
Trust Center

Setting new standards in compliance, fraud prevention, and verification is only half the story — at the heart of our commitment is complete transparency with our clients about the robust systems, certifications, audits, and policies that back it up. We conduct regular penetration testing and adhere to stringent data privacy regulations, including GDPR and CCPA, to safeguard your information with unwavering diligence. These efforts, combined with our comprehensive security measures, position Sumsub as a globally trusted and secure verification leader, serving industries such as fintech, cryptocurrency, transportation, online marketplaces, and beyond.

To maintain transparency, we’ve established the Sumsub Trust Center—a dedicated hub where clients can independently evaluate our security practices, access restricted documents (like our SOC 2 Type 2 report, AOC of PCI DSS, and more), review our compliance certifications, and gain deeper insight into our protective frameworks.

To request additional information about our security measures, including non-public reports, please submit a request.

Third-Party Audits and Security Standards

SOC 2 Type 2
Independent security assessment
PCI DSS
Secure payment card data processing
Penetration Testing
Regular security audits
iBeta Level 2 Report
Biometric Presentation Attack Detection
iBeta Level 1 Report
Biometric Presentation Attack Detection

ISO Standards for Security, Risk, and Quality Management

ISO/IEC 27001
Information Security Management System
ISO/IEC 27017
Independent security assessment
ISO/IEC 27018
Protection of personal data in the cloud
ISO 31000:2018
Risk management framework compliance
ISO 9001:2015
Quality management system compliance

Privacy & Compliance