The Bug Bounty program will provide Onfido with access to YesWeHack’s community of 40,000 cybersecurity researchers and ethical hackers, to pinpoint unknown vulnerabilities in return for a financial reward.
This enables Onfido to maintain its strong commitment to security, better understand the tactics that bad actors attempt to use and flag any potential security flaws before new products and services are made available to the public.
Commenting on the partnership, Alex Valle, Chief Product Officer at Onfido said: “Security and compliance are essential to our mission of creating a more open world, where identity is the key to online access and we are always looking for ways to strengthen this. YesWeHack shares our values in operating under the strictest compliance processes and abiding by a security-by-design approach. The Bug Bounty program delivers us gold standard protection from bad actors, identifying and fixing any critical vulnerabilities before they even have a chance to arise.”
Innovative solutions to help cyber security
Founded in 2015, YesWeHack is a global Bug Bounty and Vulnerability Disclosure Policy (VDP) Platform. It runs private (invitation based only) programs and public programs for hundreds of organisations worldwide in compliance with the strictest European regulations.
Onfido aims to make it easy for people to access services by digitally verifying them using its Real Identity Platform. The platform allows businesses to tailor verification methods to individual user and market needs in a no-code, orchestration layer – combining the right mix of document and biometric verifications, trusted data sources, and passive fraud signals to meet their risk, friction and regulatory requirements.
It partners with over 800 businesses globally to help millions access services every week, and supports checks in 195 countries, and 2,500+ document types.
The company recently expanded its flagship Real Identity Platform to deliver a curated library of globally trusted data sources and identity verification services. This is in addition to tailored user experiences designed around specific fraud and regulatory use cases, compliance requirements, global needs, risk appetite, and business objectives. It’s these innovative solutions that will benefit from ongoing testing by ethical hackers, providing full transparency on data security, and allowing Onfido to double down on its values of trust and privacy.