ZipID takes security very seriously.
ZipID data resides within Australia in a state-of-the-art facility that has achieved ISO 27001 certification covering infrastructure, data centres and services. Physical access is strictly controlled by professional security personnel utilising video surveillance, intrusion detection systems, and other electronic means. Authorised personnel must pass two-factor authentication no fewer than three times to access data centre floors.
ZipID encrypts data in transit and at rest. Data in transit uses AES-256 bit SSL (Secure Sockets Layer). This is the same level of encryption used by leading banks and government agencies.
ZipID creates a comprehensive transaction trail between parties. We track and timestamp various information from the moment data is submitted to when it is completely verified, such as IP addresses; User Agent information and geo-location.
ZipID employs independent Security Consultants to undergo penetration tests and vulnerability assessments of its servers.
Verification of Identity Reports are encrypted and stored in ZipID’s secure data facilities for 7 years to satisfy the Participant's record keeping obligations under the VOI rules.