The first time you log in on a computer or a tablet, an icon will pop up. Selecting the same icon in the itsme® app secures the connection between your browser and your app. When signing with itsme®, you will be asked to select an icon for every signature.
This is an extra security measure.
Each itsme® partner (your bank, your insurance, your telecom operator, ...) has a unique connection and uses asymmetric-key cryptography: one key to encrypt the data and another key to decrypt it. Encrypting the data ensures that the information is unreadable by anyone except the designated partner.
itsme® emphasises the confidentiality and integrity of personal data. So we always comply with European regulations on security and privacy.
itsme® has been officially recognised by Europe as a reliable means of identification, at high level. The itsme® app therefore fulfils the highest security requirements of eIDAS (European regulation on electronic identification and trust services for electronic transactions).
A signature with itsme® is a Qualified Electronic Signature acknowledged by eIDAS and all EU member states. This signature has the same legal value as a handwritten signature.
itsme® is ISO/IEC 27001:2013 certified for its information security management, ensuring the highest standards of availability, confidentiality, and integrity for user data in the itsme® app.
itsme® works closely with the banking sector and is compliant with a series of uniform rules applied by the European Banking Authority (EBA).
itsme® offers a mobile solution for strong multi-factor authentication and is fully compliant with the European PSD2 directive.
itsme® complies with the General Data Protection Regulation (GDPR), which comprises a series of rules designed to better protect the data of European citizens.
The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.
We are compliant with Anti-Money Laundering (AML) regulations. These internationally endorsed global standards (endorsed by the FATF) help detect and report suspicious activity, including offenses involving money laundering and terrorist financing.
The Digital Operational Resilience Act (DORA) is a unified approach for mitigating all ICT-related incidents in Europe's financial industry. It replaces multiple ICT risk management frameworks and requires ICT Third-Party providers to conform to regulatory standards.