We are leaders in providing compliant KYC/AML compliance for the art market with a set of cutting-edge technologies and a team of experienced and renowned professionals. These are our compliance and security features.
iPass ID’s identity verification platform is globally applicable, as our approach and methodology are carefully designed according to the FATF recommendations regarding AML and CTF requirements, which serves as the international basis for local AML laws.
Our system is based on a risk-based approach and follows global and local regulatory norms (FATF, HMRC). Our expertise in compliance and our provision of a range of technologies help us and financial authorities to speak in a common language for our customers.
The iPass ID platform is created with tools that enable completely automatic KYC verification as well as checks based upon human review in line with the current European legislation on non-face-to-face customer identification in the banking industry.
We constantly monitor all the existing user profiles to manage the risks. The system will indicate if a user has been put on a Sanctions list or his document has expired. You can react immediately in case of any changes.
At iPass ID, we have established a comprehensive ongoing GDPR compliance program while providing training to our staff and conducting meetings on how important data protection is for the entire core team.
We receive customer consent before processing personal data. The request for consent is placed in a separate checkbox before verification, so a user clearly understands what they are agreeing with.
In our policy it is clearly stated how the user’s data is going to be used and for how long. It gives users transparency and information about the purposes and methods of processing.
All data is stored in secure Microsoft Azure Cloud servers. Overall responsibility for all data security lies on the DPO (Data Protection Officer) registered at the UK Information Commissioner’s Office as ZA633666.
Our users have the right to withdraw consent within a reasonable timeframe. To revoke an approval, all they have to do is delete their account in their profile screen or send a message to support@juste.ai.
User data is stored in encrypted format on our servers, which are kept at Uptime Institute classified Tier III data centers compliant with TIA-942 and PCI DSS standards, protected by specially audited security personnel.
Data is encrypted based on the TLS 1.2 protocol. Decryption keys are stored separately from the actual data, so people with criminal intent won’t get access to your sensitive data.
Our applications are constantly monitored and in the event of an issue we are notified with a screenshot of the error, and a second-by-second timeline with the fastest 30-second checks.