Latest from the Didit blog.

Didit Is SOC 2 Type 1: What's In Scope and What It Means
Didit holds a SOC 2 Type 1 attestation from ATOM, covering the Security, Availability, and Confidentiality trust criteria as of 2026-04-09. Here is what SOC 2 Type 1 attests to, what is in scope, and how to use it in vendor due di

Didit Is ISO/IEC 27001:2022 Certified (Cert ES144068)
Didit holds an ISO/IEC 27001:2022 certificate — Bureau Veritas, ENAC-accredited, cert nº ES144068, valid until 2027-06-03. Here is what ISO 27001 certifies, what Didit's certificate covers, and how to use it in procurement.

Building a DORA-Ready Audit Trail With Didit Webhooks
DORA expects financial firms to evidence what happened, when, and to whom across their ICT systems. Here's how to build a tamper-evident audit trail from Didit's verification webhooks — with a worked JSON example.

BYOK Wallet Screening: Crystal & Merkle Science, ~10× Cheaper
Bring your own Crystal or Merkle Science key and screen crypto wallets at $0.02 per screening — roughly 10× cheaper than buying a blockchain-analytics subscription direct, with no seat licenses or annual minimums.

How Didit Meets DORA: ICT Third-Party Risk for Identity
DORA makes financial entities accountable for the ICT third parties they rely on — including identity providers. Here is how Didit's ISO 27001 certification, SOC 2 Type 1 attestation, and audit-trail posture support a DORA-ready v

Compliant by Design: The Full Didit Attestation Stack
Five independent attestations — SOC 2 Type 1, ISO/IEC 27001:2022, iBeta Level 1 PAD, the Tesoro/SEPBLAC/CNMV sandbox conclusion, and the finReg360 EBA opinion — make Didit's compliance posture provable, not promised.