Success Story

> C.A. Osasuna

Success Story

> C.A. Osasuna

Success Story

> C.A. Osasuna

Translate this website

Trusted technology,

certified technology

Information Security

ISO 27001

ISO 27001 is the highest international standard for implementing, maintaining, and improving information security management systems (ISMS).

dasGate has obtained this ISO 27001 standard certification by having a complete information security management system in continuous improvement. The scope of this certification covers all activities and services offered by dasGate.


The services developed by dasGate are covered by the SOC 2 report. SOC 2 is a report based on the existing Trust Services Criteria (TSC) of the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA).

This report assesses an organisation’s information systems related to security, availability, processing integrity, confidentiality and privacy. The SOC 2 report includes a detailed description of more than 100 controls in place to protect the data processed in the services offered by dasGate’s solutions.
dasGate periodically undergoes an external audit to verify compliance with this standard.

National Security Scheme

dasGate’s biometric engine, has several security certifications, such as the National Security Scheme, certified at medium level. Veridas has been audited and found compliant with the requirements of Royal Decree 3/2010 of January 8, which regulates the National Security Scheme in the field of electronic administration.

Quality management

ISO 9001

ISO 9001 is defined as the internationally recognised standard for quality management systems (QMS). ISO 9001 provides a framework and a set of principles to ensure a logical approach to managing your organisation to the satisfaction of your customers and stakeholders.

dasGate has been certified in this ISO 9001 standard as it has a complete quality system in continuous improvement. The scope of this certification covers all the processes offered by dasGate.

Data protection

The use of an AI-based system provides guarantees of accuracy, security and data protection in the sense required by privacy principles by default and by design.

General Data Protection Regulation

The General Data Protection Regulation (GDPR) is the European regulation on the protection of individuals with regard to the processing of personal data and the free movement of such data.

The GDPR includes a series of principles and requirements that determine the correct processing of personal data, leading to the establishment of multiple policies, procedures, and good practice guidelines that dasGate has implemented and reinforced by its certifications in information security.

Personal data protection in Mexico

dasGate complies with the requirements established by the Mexican regulation, partially thanks to its similarity with European data protection regulations regarding the rights of data subjects and the obligations of data controllers and data processors.

The framework for the protection of personal data in Mexico is composed of several regulations, among which we can highlight the Federal Law for the Protection of Personal Data in Possession of Private Parties (LFPDPPP) and its Regulation.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) is a privacy law that regulates any business that may process the personal information of California residents, so in practice, it can affect companies anywhere in the U.S. or the world.

dasGate complies with the requirements set forth by the CCPA, which is strengthened by the data processing policies that dasGate applies in the provision of its services (controller control of how data is processed, no storage of personal data, etc.).

Personal data protection in Colombia

dasGate has established security measures and privacy by default and by design principles, and complies with the obligations established for data processors, which are always regulated in a contract with its clients.

In Colombia, personal data protection is regulated by Law 1581 of 2012 and various decrees, developing the principles established by the Constitution.


The AEPD Digital Pact

dasGate has been certified in the Digital Pact launched in 2021 by the Spanish Data Protection Agency. Its objective is that institutions and entities, both public and private, take a more active role in promoting a healthier and more respectful culture on a network that belongs to everyone and should continue to belong to everyone. 

To this end, its members are committed, on the one hand, to promoting and disseminating the importance of Personal Data Protection in this respect, as well as the guidelines for a respectful lifestyle on the Internet. On the other hand, to publicise the tools that are available to us to combat digital violence, such as the Priority Channel that the Agency has developed to collect complaints in this area”.

Technology certifications

Our biometric technology is developed by Veridas, a company recognised for its commitment to quality, regulation and compliance. For this reason, we have the following certifications.

National Institute of Standards and Technology (NIST)

Veridas has been submitting its technologies to NIST evaluations since 2018 and continues to do so with the firm belief that constant scrutiny is the only way to maintain its position as a world leader in the biometric solutions market.

We are the only company in the world to be present at the NIST 1:1 and 1:N assessments in facial, and voice recognition (1:1)

The U.S. National Institute of Standards and Technology (NIST) is the world’s most trusted institution for biometric solutions. (NIST) is the most relevant institution in the standardization of biometric technologies. NIST conducts periodic evaluations of biometric engines submitted by different vendors to assess and provide unbiased rates of accuracy and performance in different environments.

ISO 30107-3 iBeta Level 2

Veridas is compliant with ISO 30107-3 from iBeta. This confirms that the liveness detection and facial biometric identity verification technology has successfully passed all the demanding requirements regarding attacks in verifying individuals’ identities.

ISO/IEC 30107 refers to the detection of presentation attacks or, in other words, the detection of attempts to impersonate or deceive the system. For this purpose, Veridas solutions have active and passive anti-spoofing mechanisms (depending on whether or not they require user action).

All Veridas systems include anti-spoofing fraud prevention techniques. In addition, Veridas’ facial recognition system (das-Face) is compliant with iBETA ISO/IEC 30107-3 Level 1.

Request a demo