OnePIN decided to apply for a StarAudit certificate in 2018 to facilitate its entry into the European telco market. According to OnePIN’s CEO, this strategy has already proven very successful and StarAudit has been extremely helpful during the negotiations with telecom operators.
In the interview below we explore some of the aims, basis and steps behind the certification proce
Why did OnePIN pursue an audit?
We understand that our customers, the largest mobile operators in the world, are looking for a level of transparency into our operational processes and data security practices. This level of transparency can be difficult to obtain and fully appreciate without actually having deep access into a data center. Our software is in the hands of more than 300 million mobile subscribers worldwide – we’re not a small player. Being able to demonstrate OnePIN’s strength and approach and to clearly show we have the necessary management architecture, repeatable processes, and overall mindset in place was really critical to us. We needed a rigid third party accredited audit against a set of well defined and documented controls.
Why choose the EuroCloud StarAudit Certification?
We choose EuroCloud given the specific focus it places on the European market, which has tighter data controls than other markets (including the US) at present. With GDPR now a huge reality, we wanted to work with an entity that recognized the significance of this new regulatory landscape. We value both an audit team and a certification organization who are working with the regulatory bodies crafting this legislation, and who in turn are creating controls within the audit process that reflect the operational and organizational aspects that must be in place in order to ensure full compliance.
What was the scope of the audit?
OnePIN provides a service platform with a multitude of service offerings that allow mobile operators to better engage with their subscribers. We chose to include our platform and each of our services in the scope of the audit – meaning we were evaluated as both a PaaS and a SaaS provider. We wanted to give our customers the assurance that our security practices are codified across our entire suite of solutio
How do you feel about being the first US company to successfully achieve a 4-star rating from EuroCloud?
OnePIN has always been a first mover, and a leader in our industry. We’re a global company, in more than 20 different countries and 30 of the biggest mobile operators. Our innovative solutions are protected worldwide by several dozen patents. Just like protecting our IP has always been a priority, pushing the edge of industry leading security and data practices has also always been a critical focus for us given our customer base. We were the first US company to be awarded the TRUSTe certification by TrustArc – there are now hundreds of companies also holding this certification. We have always been pioneers, and we were quite happy to work with EuroCloud to add another “first" to our list of accolade
Most valuable piece?
The 4-star achievement has been extremely useful when talking to mobile operators – our customers. In discussions, we’re now able to easily demonstrate that our services truly do use best practice methodologies, and that personal data is protected and secure. We have been in meetings where the mention of our 4-star EuroCloud rating has eased nearly all questions about data security – and that has been really valuable.
Ease of the process?
We found the self assessment tools provided by EuroCloud very helpful. The EuroCloud team also gave great insight and support with direct answers to our questions. There were no surprises during our audit process.
Did you achieve your goal of providing transparency?
Yes - EuroCloud publishes the complete report publicly. There is total transparency and we are proud to stand behind our 4-star rating and more importantly – our overall practices as a company.
What’s next?
The landscape is always changing. Its an exciting time for platform and service providers like us. We’re hoping to add our next 300 million mobile subscribers from the European market very soon.
Interview provided by Feyzi Celik (CEO, OnePin) and Andrea Goodwin (Director of Product Management, OnePin).
About OnePIN, Inc.
OnePIN creates a universal, interactive user engagement channel for mobile operators that drives VAS revenues, advertising revenues, and core service revenues from network events and user behaviors. OnePIN’s SIMplicity Cloud includes CallerXchange®, MsgXpress™, ZeroX™, AdXecutive™, SurveyXpert™, MaXapp™, SocialLinX™, and BoosterX.™ The platform enables mobile operators to enhance the strategic value of phone calls and phonebooks. The Company’s services are currently deployed to over 300 million mobile subscribers across all handset models in 20 countries and 30 mobile operators spanning seven of the world’s largest mobile operator groups. OnePIN is headquartered in Boston with offices around the globe. www.onepin.com.
