Security Audit

VaultysID was audited by Amossys, a leading cybersecurity company recognized for its expertise in evaluating ANSSI certification schemes (Common Criteria, CSPN, EUCC). In collaboration with the SEAL (Software Security and Analysis) teams, discover the results and get the full analysis.

A strategic approach to innovation and transparency

This audit, carried out by Amossys, is part of Vaultys' strategy to make VaultysID an open source solution, accessible and transparent for all.


By collaborating with a leading laboratory like Amossys, our goal is to ensure that our decentralized authentication technology meets the highest security standards, while promoting a collaborative and open approach.

  • Read more

    Open source represents a key step in our mission to democratize digital security, enabling any organization to integrate a robust and proven solution. With this move, we reaffirm our commitment to placing trust and innovation at the heart of our offering.

Why is this audit important to you?

  • Businesses: A sovereign and secure solution, compliant with modern requirements, offering a reliable alternative to Big Tech.
  • CIOs and CISOs: Independent and transparent validation thanks to open source, guaranteeing secure integration into critical environments.
  • Developers: An audited, documented and open source protocol for rapid and adaptable integration.
  • Users: Robust, proven authentication, reducing the risk of phishing and identity theft.

  • Why did Vaultys subject VaultysID to an independent audit?

    At Vaultys, security is a top priority. The audit conducted by Amossys, a laboratory recognized for its ANSSI certifications (Common Criteria, CSPN, EUCC), ensures the robustness of our authentication protocol. This approach is part of our strategy of transparency and the transition of VaultysID to open source, thus strengthening the trust of our partners, developers, and users.

  • What did Amossys assess in this audit?

    Amossys has taken an in-depth look at the VaultysID authentication protocol through:


    Analysis of technical specifications and documentation.

    An assessment of critical phases of the protocol in the face of potential attacks.

    Formal modeling using tools like VerifPal to validate the results.

    Recommendations to strengthen security and integration in complex environments.

  • Why is VaultysID becoming open source?

    We believe in the importance of complete transparency to earn the trust of our partners and customers. By making VaultysID open source, we offer the technology community an opportunity to contribute to its improvement, while ensuring wider adoption in diverse IT environments. It also allows businesses to independently verify the solution's security and compliance.

  • Where can I access the full audit report?

    The full audit report conducted by Amossys is available upon request via our online form. Complete the form to receive the document directly by email.

  • Who is Amossys?

    Amossys is a major player in cybersecurity, recognized for its assessments within the framework of ANSSI certifications and for its expertise in auditing and securing information systems. As a member of the Almond group, Amossys supports companies in their certification processes and advanced security audits.