Suprema has received ISO 27001 and ISO 27701 certifications for its BioStar 2 identity verification platform. The two certifications speak to the platform’s privacy and data protection capabilities, and indicate that BioStar 2 meets the latest international security regulations.
In that regard, ISO 27001 is a longstanding standard that concerns basic data protection and information management, and demonstrates that BioStar 2 is taking the necessary precautions to protect both. ISO 27701, on the other hand, is a newer certification handed to solutions that comply with recent privacy laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). The new standard was established in August of 2019.
BioStar 2 passed every test along the way to certification. More specifically, the platform met 26 requirements for data protection management, 114 for data protection control, and 18 for personal information management. Those standards are set by the International Organization for Standardization (ISO).
The certifications should ease concerns about the integrity of BioStar 2 that arose after a digital security firm was able to gain access to the database in 2019. Suprema tried to downplay the scope of the breach, but nevertheless updated BioStar 2 with stronger encryption in May of 2020. The new certifications suggest that Suprema has made the proper adjustments and that BioStar 2 is now in line with modern security expectations.
“Suprema has been striving to strengthen the security level of not just our products and solutions but the company as a whole,” said Suprema CEO Young Moon. “We’ve expanded our security team and are running a data protection system in line with global security compliance standards. I’m glad to have the ISO 27001 and 27701 certifications validate our efforts.”
BioStar 2 is a web-based authentication solution that can be used for applications like access control and time and attendance management. The open platform was built to make it easier for customers to integrate it with third-party systems.
December 16, 2020 – by Eric Weiss