ID.me uses bank-grade security infrastructure and federally compliant information protection practices to safeguard your data.
Physical Security
The most important layer of security is the physical layer. Our servers are hosted in SSAE 16 validated data centers protected by armed security guards, surveillance equipment, and state-of-the-art access control technology.
PII Encryption
Sensitive data on ID.me servers is tokenized and stored separately so that even if you were able to break through our access controls, you would be unable to access customer information. We leverage a FIPS 140-2 validated, AES-256 data encryption solution with the same integrated key management utilized by many leading financial institutions.
Safe and Secure Hosting Platform
ID.me is hosted within the Amazon Web Services (AWS). Amazon Web Services (AWS) is a proven leader in the industry, with rigorous security audits to ensure the security of all data on their servers.
Federal Accreditations and Esteemed Accolades
ID.me is one of only four companies accredited by the federal government at the highest level possible for a remote identity provider. You can view our certification status by visiting the FICAM List of Approved Identity Services. Further, the White House has encouraged the adoption of Troop ID (ID.me) and is applauding businesses that implement our technology. Lastly, you can read more about the benefits and security that ID.me provides as it relates to identity management and security, as well as the NSTIC Identity Management Pilot we are involved in by visiting the NSTIC website.
Should you have additional questions or concerns, we recommend that you read our FAQ page and our Privacy Policy for additional information. However, if you have specific questions related to the handling and protection of your information, please let our ID.me Member Support Team know and we can discuss your concern.