Sovio products are designed for compliance with global data protection and identity frameworks.
Sovio products are architected for data minimisation, purpose limitation, and consent management as required by India's Digital Personal Data Protection Act, 2023. Pramaan verifies identity documents without storing them. Consent generates verifiable receipts compliant with Section 6 consent requirements. Parichay enables tokenised KYC data sharing with granular consent controls.
Sovio's zero-data-retention architecture and BioRef template protection align with GDPR Article 5 (data minimisation), Article 9 (biometric data processing), and Article 25 (data protection by design and default). Verifiable credentials give data subjects direct control over their personal data, supporting Article 20 (data portability) rights.
Sovio products implement recognised international standards for identity, authentication, and data protection — including FIDO2/WebAuthn, OpenID4VC, DIDComm, W3C Verifiable Credentials, ISO/IEC 24745 (biometric template protection), ISO/IEC 30107-3 (liveness detection), ISO 18013-5 (mobile driving licence), and the Shared Signals Framework (CAEP, RISC).
Sovio's verification products process documents and biometric data exclusively in memory. No personal data — including document images, face images, face embeddings, Aadhaar numbers, or PAN numbers — is persisted by default. The BioRef template protection standard ensures that even stored biometric references cannot be reversed to the original biometric sample.
For detailed legal terms, refer to our
Schedule a personalized demo or get in touch with our team to learn more.