Certified Secure, Always
Smile ID sets the standard in data protection and biometric security in Africa.
We prioritise delivering exceptional quality and robust security for our customers. We safeguard your data and protect your business from fraud by adhering to the highest industry standards. Our commitment is demonstrated through multiple compliance certifications across African countries and the attainment of ISO 30107-1:2016, ISO 30107-3:2023 Level 2, ISO 27001, and SOC 2 Type II certifications.
Biometric Fraud Detection
ISO 30107-1:2016 LEVEL 2
ISO/IEC 30107-1:2016 is a standard that laid the groundwork for biometric presentation attack detection (PAD) by defining terms and establishing a framework for specifying, characterizing, and evaluating PAD methods. It focused on creating a common language and understanding for presentation attacks, which are attempts to deceive biometric systems using fake biometric samples like photos or masks.
ISO 30107-3:2023 LEVEL 2
Smile ID is the leading biometric facial attack prevention software in Africa, securing a 0% attack breach rating.
ISO/ IEC 30107-3:2023 is an advanced certification for biometric presentation attack detection (PAD) and it demonstrates our commitment to preventing fraudsters from using fake biometric samples to trick the system. This certification involves rigorous testing, requiring a less than 1% failure rate over 2 to 4 days of continuous attack testing.
More info: ISO/IEC 30107-1:2023 Explained
Information Security and Data Protection
ISO 27001
ISO 27001 is the leading international standard for information security management systems (ISMS). It certifies that organizations manage the security of assets such as financial information, intellectual property, employee details, and information entrusted by third parties, to the highest standards. It provides a systematic approach to managing sensitive company information so that it remains secure by following best practices throughout the company.
More info: ISO 27001 Explained
SOC 2 Type II
SOC 2 Type 2 is a report that evaluates an organization's information security measures over a period of time. It focuses on five trust service principles: security, availability, processing integrity, confidentiality, and privacy. This certification ensures that the organization's controls are effective in protecting data.
More info: SOC 2 Type II Guide
Regulation & Compliance
User Data Protection
General Data Protection Regulation
The General Data Protection Regulation (GDPR) is the European regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
The GDPR includes a series of principles and requirements that determine the correct processing of personal data, leading to the establishment of multiple policies, procedures, and good practice guidelines that Smile ID has implemented and reinforced by its certifications in information security.
Protection of Personal Informations Act (South Africa)
The Protection of Personal Information Act (POPIA) is South Africa's comprehensive data privacy law.
It aims to protect personal information processed by public and private bodies, ensuring that personal data is handled responsibly and securely.
POPIA outlines requirements and obligations for entities that collect, process, and use personal information, and it is enforced by the Information Regulator.
Nigeria Data Protection Commission
The Nigeria Data Protection Commission (NDPC) is the main supervisory and regulatory authority for data protection in Nigeria.
Established to oversee the implementation and enforcement of the Nigerian Data Protection Act 2023. The NDPC ensures that data privacy and protection standards are maintained across the country
Kenyan Data Protection Commissioner
In Kenya, the Data Protection Act, 2019 is the key legislation governing data protection. This Act establishes the Office of the Data Protection Commissioner (ODPC) and sets out the rights of data subjects, as well as the obligations of data controllers and processes.
It aims to ensure that personal data is processed in a manner that respects privacy and protects individuals' rights.
The Data Protection Commission of Ghana
The Data Protection Commission (DPC) of Ghana is an independent statutory body established under the Data Protection Act, 2012 (Act 843). Its primary role is to protect the privacy of individuals and personal data by regulating the processing of personal information.
The Commission ensures that personal data is obtained, held, used, and disclosed responsibly and securely.
With our unwavering commitment to data security and compliance, you can trust us to safeguard your information and protect your business. Our certifications and proven track record in preventing fraud and ensuring privacy reflect our dedication to providing you with the highest standards of protection. Partner with us and experience peace of mind knowing that your data is in safe hands.
Get on the fast track to Africa's digital economy
Get started and start verifying your users in under 4 seconds.