Voluntary Independent Audit Confirms Aware's Security Controls and Data Privacy Practices

Aware, Inc., a leading authentication company applying proven and trusted adapted authentication to solve everyday business challenges with biometrics, announced it has achieved SOC (System and Organization Control) 2 Type I compliance for AwareID, its cloud-based adaptive authentication platform. Prepared by Aprio, Aware’s report details the controls in use by Aware and confirms they are properly designed and enforced.

“Every day, AwareID handles and processes highly sensitive biometric data. This requires us to implement extremely thorough information security controls addressing all of the SOC 2 trust service principles,” said Aware CTO Dr. Mohamed Lazzouni. “Compliance with SOC 2 requirements indicates that we maintain an extremely high level of information security, which clearly benefits both Aware and AwareID customers as they venture into biometric authentication.”

Aprio is a premier, full-service business advisory and certified public accounting firm. Their report affirms that AwareID is fully compliant with and delivers customer data management services grounded in the five SOC 2 principles of security, availability, processing integrity, confidentiality and privacy.

“This third-party independent validation means Aware is capable and trusted to handling highly sensitive information with the utmost responsibility and protecting customer data. Customers prefer to work with service providers that can prove they have robust information security practices in place, especially for cloud and SaaS services, so achieving SOC 2 Type I compliance is beneficial,” continues Lazzouni. “It means we can better defend against cyberattacks and prevent breaches due to continuous improvement in information security practices outlined in SOC 2 guidelines. The certification is particularly impressive given that AwareID is predominantly used in the financial services industry, where privacy and confidentiality are paramount and organizations often have to meet higher standards.”

SOC 2 is a voluntary security framework developed by the American Institute of CPAs (AICPAs) that specifies how organizations should protect customer data from unauthorized access, security incidents and other vulnerabilities. Completion of Aware’s SOC 2 Type I report was the result of an independent on-site audit completed on October 31, 2022.