OneSpan Trust & Compliance

Data Center Certifications & Safeguards

OneSpan solutions are hosted in multiple data centers across the globe for high availability. We’ve partnered with market leaders in cloud infrastructure services that operate, manage and control all of our hosting components. This includes the host operating system and virtualization layer to the physical security of the facilities in which the services operate.

OneSpan Data Residency

Regulated and compliance-driven industries such as banking, insurance, healthcare, and government often require transparency and control over where transactional data resides. OneSpan solutions are hosted on geo-dispersed data centers. We help you meet data residency requirements keeping your data secure and compliant at all times. Disaster recovery and redundancy helps assure high performance, availability, and business continuity.

We’ve partnered with leading cloud providers such as Amazon Web Services (AWS) and Microsoft Azure to offer data residency in the following locations:

  • OneSpan Sign: US (Commercial and FedRAMP), Canada, Australia, and Europe
  • OneSpan Identity Verification: US and Europe
  • OneSpan Intelligent Adaptive Authentication: US and Europe
  • OneSpan Cloud Authentication: US and Europe
  • OneSpan Risk Analytics: US and Europe

When OneSpan provisions a customer’s account, the customer is assigned to one of these regions (customers may select their region).

Prominent Solution Certifications

OneSpan Sign

Service Organization Control (SOC) 2 seal
SOC 2 Type II
ISO/IEC 27001 seal
ISO/IEC 27001:2013
ISO/IEC 27017
ISO/IEC 27017:2015
ISO/IEC 27018
ISO/IEC 27018:2019
Fedramp logo
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
SkyHigh Enterprise Ready 200px gray circle
Skyhigh Enterprise-Ready
The word "Esign" laid over a light green checkmark
ESIGN Act (Electronic Signatures in Global and National Commerce Act)
The letters UETA laid over a green checkmark
UETA Act (Uniform Electronic Transactions Act)
The word eIDAS against a navy blue background encircled by yellow stars, evoking the EU flag
eIDAS (Electronic Identification and Trusted Services Regulation)

Trusted Identity Solutions

Service Organization Control (SOC) 2 seal
SOC 2 Type II Attestation
Service Organization Control (SOC) 2 seal
ISAE 3000 Trust Service Principle
FIPS 140-2
FIPS 140-2 Cryptography™
FIDO 2 Certified
FIDO UAF Certified

FIPS 140-2™: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments.