Tinder, the world’s most popular app for meeting new people, has achieved certification for its Information Security Management System (ISMS) under the ISO/IEC 27001:2013 standard following an extensive impartial external audit — becoming the first app in its category to achieve a certification decision for this globally recognized security standard.
International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) publish minimum global practices for the security of a company’s information assets such as member data, intellectual property, financial information, employee information, as well as information entrusted by third parties. This certification validates Tinder's ongoing efforts to successfully implement comprehensive information security practices that protect its members and their sensitive information in accordance with internationally accepted standards.
In order to meet the ISO/IEC 27001:2013 standard, Tinder teams across the company invested months of time, during which they implemented 114 physical, operational, technical, and security controls and underwent extensive audits by multiple security experts. The extensive process has strengthened infrastructure as well as existing security and privacy posture. Tinder has implemented and validated a truly integrated and powerful suite of security controls and processes that enables Tinder to work in a mode of continuous improvement via repeatable processes while emphasizing member satisfaction and striving to ensure the confidentiality, integrity, and availability of information assets.
Following the meticulous audit process, the certificate was issued by Coalfire ISO, an accredited management systems certification body via both the ANSI National Accreditation Board (ANAB) and the United Kingdom Accreditation Service (UKAS), on Tinder’s first external audit attempt, clearly showcasing the readiness and diligence of the company’s information security program.
"Achieving this certification is a significant accomplishment for Tinder that demonstrates our consistent commitment to protecting the information assets of our members, employees, and our business to the highest standards of information security and privacy on a global scale,” said Abe Chen, Vice President of Security Engineering at Tinder. “The rigorous audit undertaken for certification confirms that we are deeply committed to the highest levels of data protection and marks one more step in our efforts to demonstrate the company’s transparency in protecting our members' personal data.”
“This certification accomplishment is a sector-first, exemplifying the growing need to expand information security best practices from traditional business-to-business services into consumer segments that impact millions of people around the world,” said David Forman, Vice President of Privacy and International Assurance at Coalfire. “The popularity of dating apps has meaningfully accelerated - spurred even more by the recent pandemic - and Tinder has responded aggressively to increasing scrutiny for services that handle private information to ensure their members’ data remains secure.”
Tinder’s ISO/IEC 27001:2013 certification is publicly available as Match Group, LLC within the Coalfire ISO Certificate Directory.