Skip to main content
Digital security

First-class digital security

Securing your online identity is a top priority: this means that itsme ensures the protection of your personal data, but also that it guarantees a secure connection between the app and every partner you use itsme with, every time again.

In short, security is the key to everything we do at itsme.

  • A unique combination

    Your digital identity can only be used on your smartphone, using the itsme app you have installed and your personal secret code. This method is also called multi-factor authentication (MFA). This way, only you have access to it.

  • A passwordless login

    No need to choose, remember and manage a different password for each website or app. With itsme you can log in anywhere without a password. Your itsme is THE encrypted and secure authentication key that you manage from your app.

  • No consent? No action!

    Whatever you do with itsme, you must always confirm and enter your secret code yourself. This ensures that your personal data is never shared without your permission.

Highly secure technology

itsme combines state-of-the art technologies to guarantee the security of your personal data.

Your personal data stored securely in Europe

Your data is stored encrypted in one of the most secure data centres in the European Union. No data is stored on your smartphone.

What data does itsme® use?

Encrypted data, at any time

itsme encrypts your data for storage and communication to a partner in order to guarantee maximum protection at all times.

Middle aged man looking at computer evening

Only you know your code

There is no database of itsme codes. So you are the only person in the world who knows the 5-digit code to use your itsme app.

Icons for extra security

The first time you log in on a computer or a tablet an icon will pop up. Selecting the same icon in the itsme app secures the connection between your browser and your app. When signing with itsme, selecting an icon will be requested for every signature.

This is an extra security measure.

Secure connection with every partner

Each itsme partner (your bank, your insurance, your telecom operator,...) has a unique connection and uses asymmetric-key cryptography: one key to encrypt the data and another key to decrypt it. Encrypting the data ensures that the information is unreadable by anyone except the designated partner.

Certified digital identity

itsme emphasises the confidentiality and integrity of personal data. So we always comply with European regulations on security and privacy.

  • eIDAS: identity with level of assurance high

    itsme has been officially recognised by Europe as a reliable means of identification, at high level. The itsme app therefore fulfils the highest security requirements of eIDAS (European regulation on electronic identification and trust services for electronic transactions).

  • eIDAS: Qualified Trust Service Provider

    A signature with itsme is a Qualified Electronic Signature acknowledged by eIDAS and all EU Member States. This signature has the same legal value as a handwritten signature.

  • ISO: ISO/IEC 27001:2013 certified

    itsme is ISO/IEC 27001:2013 certified for the management of information security for the itsme app. This emphasises the high standard of availability provided by itsme services and the confidentiality and integrity of the user data.

  • EBA guidelines

    itsme works closely with the banking sector and is compliant with a series of uniform rules applied by the European Banking Authority (EBA).

  • PSD2 guidelines

    itsme offers a mobile solution for strong multi-factor authentication and is fully compliant with the European PSD2 directive.

  • GDPR guidelines

    The General Data Protection Regulation or GDPR comprises a series of rules designed to better protect the data of European citizens.

  • NIS directive

    The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.

  • Anti-money laundering

    We are compliant with Anti-Money Laundering (AML) regulations. These internationally endorsed global standards (endorsed by the FATF) help detect and report suspicious activity, including offenses involving money laundering and terrorist financing.

  • The Digital Operational Resilience Act (DORA)

    The Digital Operational Resilience Act (DORA) is a unified approach for mitigating all ICT-related incidents in Europe's financial industry. It replaces multiple ICT risk management frameworks and requires ICT Third-Party providers to conform to regulatory standards.