Join the 7/21 live chat & demo: How to turn KYB & KYC into your competitive advantage


Persona achieves SOC 2 Type 2

Security and privacy aren’t just features — they are part of our identity.

Read time:
Share this post
Table of contents
⚡ Key takeaways

‍As an identity verification platform that handles sensitive data, we’ve always understood that data security is a foundation of our platform. And as online data security becomes increasingly important, we hold ourselves to relentlessly high standards when it comes to bringing trust and transparency into how we handle our customers’ data. Therefore, we’re proud to announce the completion of our SOC 2 Type II examination for security, availability, and confidentiality as a testament to the commitment we’ve made to security and privacy.

What is SOC 2 you ask? Good question! 

The Service Organizational Control 2 (SOC 2) is recognized as a gold standard for data security and requires organizations to establish and follow strict information security policies and procedures. An accredited third-party annually audits and attests to an organization’s adherence to the policies and procedures. The SOC 2 Type II process takes 9 to 12 months and is significantly more rigorous than SOC 2 Type I as it requires a comprehensive audit of the established information security policies and procedures over a period of time.

We’ve implemented best practices from the start

We started working toward our SOC 2 from day one, implementing best practices in information security from the start. We achieved our Type I in May 2019 and immediately focused on Type II. Completing our SOC 2 Type II attestation was a natural by-product of our existing approach to security, as opposed to checking off a box. 

As the best-in-class identity verification platform, Persona sits at the intersection between privacy, security, and compliance. In today’s current identity landscape, it’s more important than ever to protect sensitive information and put a stop to the increasing cycle of fraud. 

Other SaaS companies who handle sensitive data may complete SOC 2 Type II examinations, but you’ll find few, if any, who achieved both Type I and Type II attestations before raising a big funding round. This is a serious win for all of our customers and is a testament to our commitment to creating the best-in-class identity verification platform on world-class infrastructure.

While SOC 2 is an important milestone in our efforts to be the most secure identity platform in the market, we understand that our work is never done. We’ll continue to implement industry-leading, information security practices and raise the bar on behalf of our customers. 

Chat with a product expert
See a demo of Persona's identity platform

Long-story short, we take security very seriously

Persona is also GDPR, CCPA, and HIPAA compliant, further validating our secure data practices.  

Customers can request the SOC 2 report by contacting us at The report documents how our information security practices and procedures meet the SOC 2 trust principles criteria for security, availability, and confidentiality. 

You can also learn more on our Security Page.

Frequently asked questions

No items found.

Continue reading

Continue reading

Power all of your identity operations with Persona's identity infrastructure

Power all of your identity operations with Persona's identity infrastructure

Businesses can build and unite any part of their identity operations with Persona’s configurable building blocks.

Introducing Workflows: automations for any use case

Introducing Workflows: automations for any use case

From setting custom rules to triggering actions, Workflows is a flexible, intuitive, and powerful way to automate your identity processes and more.

Our Series B and the future of Persona

Our Series B and the future of Persona

We’ve raised $50 million to bring us one step closer to becoming the identity layer of the internet.

Ready to get started?

Get in touch or start exploring Persona today.