FAQ
Trust, plain and clear.
The most common questions – answered directly, no marketing varnish. General, security, pricing, integration, compliance.
GDPR · eIDAS · NIS2-ready · Servers in DE/EU

General
What is SigID and what is it for?
What exactly is SigID?
A trust layer for everything where real trust matters. SigID checks companies, people, bank accounts, documents, authorizations and product codes – before you let go. For critical actions you confirm in the Trust App and get a proof that stays verifiable at any time.
How does this work?
We check actions, not just people. Per action you get a trust level, a tamper-proof record and – for critical actions – your confirmation in the Trust App. The result is re-verifiable and auditor-grade.
Who is SigID for?
Anyone who wants to check before letting go. Individuals selling a car or renting out a flat. Finance teams approving invoices. Procurement vetting suppliers. Manufacturers keeping products real. And your whole team.
Is SigID a payment service, insurance or notary?
No. SigID verifies, signs and audits. We move no money, do not replace banks, notaries or insurers. SigID complements existing KYC or ERP systems as a trust layer.
Security
How secure are passkey, Trust App and data?
How secure is passkey instead of password?
Passkeys (FIDO2/WebAuthn) are hardware-bound — the private key never leaves the device. They are phishing-resistant because the browser checks the origin. SMS-TAN is not provided as a high trust level.
What happens if the Trust App device is lost?
Device re-activation is itself a critical action and requires the four-eyes principle or a recovery key plus strong re-authentication (passkey + biometrics). Lost devices can be revoked within minutes.
Is data encrypted at rest?
Yes. Sensitive fields are end-to-end encrypted; data in transit uses TLS 1.3 and data at rest uses AES-256-GCM. Key material is isolated per tenant and, on request, hosted in your own KMS instance.
Pricing
What does SigID cost — and what doesn't?
What does SigID cost?
Free after login. The first 50 checks per month are free – private or business, no plan selection, no packages. From check 51 in a month onward, you pay per check. No setup fees, no minimum contract, no seat licenses.
Are there setup fees or packages?
No. No packages, no tiers, no setup fees. Self-service is the default. Setup fees only apply to dedicated EU cloud – negotiated individually with sales and outside standard usage.
Do individuals get less than companies?
No – we do it the way PayPal does: private and business get exactly the same. Same trust layer, same 50 free checks per month, same API. Trust shouldn't have a paywall.
Integration
API, connectors and webhooks.
Is there a REST API?
Yes. Stable v1 REST API with OpenAPI 3.1 spec, signed webhooks (HMAC-SHA256), SDKs for JavaScript/TypeScript and (roadmap) Python. Idempotency keys, pagination, rate limits — Stripe-style.
Which connectors are available?
Example integrations for Sage, DATEV and Microsoft Business Central. Generic ERP connector via REST. Custom integrations typically take 1–3 days. For individual enterprise contracts our engineering team supports the integration.
How do webhooks work?
Signed events (e.g. challenge.approved, audit.event.created) are delivered to your endpoints. Retries with exponential backoff, dead-letter queue, replay via the console. HMAC-SHA256 with key rotation.
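Added example, not SigID code: verifying a signed webhook on the receiving side in Node.js, accepting any key that is valid during a rotation window and de-duplicating retried or replayed events. The header layout, key ids, signed-string format and 300-second freshness window are assumptions, since this page does not specify them.

```javascript
const crypto = require("crypto");

// ASSUMED wire format (hypothetical, not from SigID documentation):
//   signature header value: "t=<unix seconds>,kid=<key id>,v1=<hex HMAC-SHA256>"
//   signed string:          "<t>.<raw request body>"
const TOLERANCE_SECONDS = 300; // assumed freshness window

function sign(secret, t, rawBody) {
  return crypto.createHmac("sha256", secret).update(`${t}.${rawBody}`).digest("hex");
}

function parseHeader(header) {
  const out = {};
  for (const part of String(header).split(",")) {
    const i = part.indexOf("=");
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// keys: Map of key id -> secret, holding every key valid during a rotation window.
// seen: Set of event ids already processed, so retries and replays are not applied twice.
function verifyWebhook({ rawBody, header, keys, seen, now }) {
  const { t, kid, v1 } = parseHeader(header);
  const ts = Number(t);
  if (!Number.isInteger(ts) || !kid || !/^[0-9a-f]{64}$/.test(v1 || "")) {
    return { ok: false, reason: "malformed" };
  }
  if (Math.abs(now - ts) > TOLERANCE_SECONDS) return { ok: false, reason: "stale" };
  const secret = keys.get(kid);
  if (!secret) return { ok: false, reason: "unknown_key" };
  // Compare over the raw bytes received, in constant time, before parsing anything.
  const expected = Buffer.from(sign(secret, ts, rawBody), "hex");
  if (!crypto.timingSafeEqual(expected, Buffer.from(v1, "hex"))) {
    return { ok: false, reason: "bad_signature" };
  }
  const event = JSON.parse(rawBody);
  const duplicate = seen.has(event.id);
  seen.add(event.id);
  return { ok: true, duplicate, event };
}

// Constructed sample: two keys active during rotation, event signed with the newer one.
const keys = new Map([["k1", "old-secret-constructed"], ["k2", "new-secret-constructed"]]);
const body = JSON.stringify({ id: "evt_constructed_1", type: "challenge.approved" });
const header = `t=1700000000,kid=k2,v1=${sign("new-secret-constructed", 1700000000, body)}`;
console.log(verifyWebhook({ rawBody: body, header, keys, seen: new Set(), now: 1700000010 }));
```

Verify against the raw request body as received; re-serializing parsed JSON before computing the HMAC can change the bytes and fail valid events.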
Compliance
GDPR, NIS2 and eIDAS.
Is SigID GDPR-compliant?
Yes. Data minimization is the default — we store fingerprints and metadata, not entire documents. A standard DPA is available. Data subject rights (access, deletion, portability) are exposed via self-service. Hosting in DE/EU.
What about NIS2?
SigID is NIS2-ready: risk management documentation, incident response paths and 24/72-hour reporting workflows are implemented. On request we provide a mapping of your SigID usage to NIS2 requirements for your auditor.
How does SigID fit eIDAS?
SigID supports eIDAS-compliant identity proofs (e.g. via QES providers) as input to the trust layer. For the highest trust levels (T4/T5) we integrate accredited TSPs. We are not a trust service provider ourselves — we are the layer on top.
Still have an open question?
We take the time. 30 minutes directly with engineering and security – no sales pitch.
- GDPR-compliant
- eIDAS-ready
- Made in Germany