Our key measures

Data encryption

Data is encrypted when stored using the AES symmetric encryption algorithm with a 256-bit key managed by Yousign. Data in transit is encrypted using the TLS protocol, and only state-of-the-art TLS versions are authorized.

Secure access to infrastructure

Access to infrastructure is protected by a VPN. The VPN authentication is personal and depends on several authentication factors including a password, a physical security key and a certificate.

Data duplication

Data is replicated in real-time across several geographical areas.

Hosting in France

Yousign solutions are exclusively hosted in France. The evidence files we create for each electronic signature are legally archived at Arkhinéo, a third-party archiver certified at the European level.

Management of vulnerabilities

Yousign deploys an audit programme to have its solutions continuously tested by independent experts (annual technical audits) and by the community (Bug Bounty). If you have identified a vulnerability, please report it to security@yousign.com.

Human risk management

All Yousign team members have the SecNumacadémie Certificate of Achievement for awareness training modules produced by the French National Agency for the Security of Information Systems (ANSSI).

Want to find out more? Download our white paper

Download

Certifications and Standards

eIDAS

The eIDAS regulations standardize the rules for the use and legal recognition of the electronic signature processes of EU member countries. Yousign is a trusted third party and has eIDAS certifications for electronic signature, electronic seal and time stamping.

GDPR

The European Data Protection Regulation (GDPR) strengthens the protection of personal data of EU citizens. Yousign is a trusted third party and ensures the highest level of compliance with the GDPR.

Their agreements are powered by Yousign