OneSpan Trust & Compliance

Data Center Certifications & Safeguards

OneSpan solutions are hosted in multiple data centers across the globe for high availability. We’ve partnered with market leaders in cloud infrastructure services that operate, manage and control all of our hosting components. This includes the host operating system and virtualization layer to the physical security of the facilities in which the services operate.

OneSpan Data Residency

Regulated and compliance-driven industries such as banking, insurance, healthcare, and government often require transparency and control over where transactional data resides. OneSpan solutions are hosted on geo-dispersed data centers. We help you meet data residency requirements keeping your data secure and compliant at all times. Disaster recovery and redundancy helps assure high performance, availability, and business continuity.

We’ve partnered with leading cloud providers such as Amazon Web Services (AWS) and Microsoft Azure to offer data residency in the following locations:

  • OneSpan Sign: US (Commercial and FedRAMP), Canada, Australia, and Europe
  • OneSpan Identity Verification: US and Europe
  • OneSpan Intelligent Adaptive Authentication: US and Europe
  • OneSpan Cloud Authentication: US and Europe
  • OneSpan Risk Analytics: US and Europe

When OneSpan provisions a customer’s account, the customer is assigned to one of these regions (customers may select their region).

Prominent Solution Certifications

OneSpan Sign


SOC 3 Type II

ISO/IEC 27001 seal

ISO/IEC 27001:2013

ISO/IEC 27017

ISO/IEC 27017:2015

ISO/IEC 27018

ISO/IEC 27018:2019

Fedramp logo



Health Insurance Portability and Accountability Act of 1996 (HIPAA)

SkyHigh Enterprise Ready 200px gray circle

Skyhigh Enterprise-Ready

The word "Esign" laid over a light green checkmark

ESIGN Act (Electronic Signatures in Global and National Commerce Act)

The letters UETA laid over a green checkmark

UETA Act (Uniform Electronic Transactions Act)

The word eIDAS against a navy blue background encircled by yellow stars, evoking the EU flag

eIDAS (Electronic Identification and Trusted Services Regulation)

Indecopi logo

Accredited by Indecopi

Trusted Identity Solutions

Service Organization Control (SOC) 2 seal

ISAE 3000 Trust Service Principle

ISO/IEC 27001 seal

ISO/IEC 27001:2013

ISO/IEC 27017

ISO/IEC 27017:2015

ISO/IEC 27018

ISO/IEC 27018:2019

FIPS 140-2

FIPS 140-2 Cryptography™


FIDO 2 Certified


FIDO UAF Certified

FIPS 140-2™: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments.