Taipei City Government

TaipeiPASS is an important city services app developed by the Taipei City Government. As a part of boosting the confidence of its users, the Department of Information Technology (DOIT) successfully acquired the ISO 27701 certification in privacy information management on May 21. Organizations including SGS, ACSI and DEVORE attended the certification presentation event on June 10.
 
With over 2.4 million app users, TaipeiPASS regards cybersecurity and privacy information protection as its top priorities. Before going live, TaipeiPASS has already obtained ISO 27001 certification by securing elements such as source code analysis, vulnerability assessment, and app information security examination through stress testing, as well as implementing penetration test and red team assessment to verify the service’s effectiveness in fending off hacking attempts.
 
Due to its need for identity verification to utilize services, TaipeiPASS also met the standards for the Mobile Application Security (MAS) mark, demonstrating its strict requirements in this area. However, in the interest of offering users a peace of mind that their private information is well-protected, DOIT works hard to meet the standards of ISO 27701, proving that the security of TaipeiPASS can be applied to the processing of large amounts of personal data.
 
Commissioner Simon Lu of DOIT explained that since its naissance, TaipeiPASS boasts a comprehensive personal data protection framework which is also necessary for integrating city services and allowing data convergence. DOIT complied with instructions from the Data Governance Committee by implementing Information Security Management System (ISMS) and Personal Information Management System (PIMS), as well as passing third party certification in these areas. Given TaipeiPASS’s role as an application platform ecosystem, DOIT also obtained MAS certification to vouch for its high security standards.
 
As of today, TaipeiPASS have acquired the following certifications: ISO 27001, ISO 27701, and MAS. Taipei City Government’s efforts in protecting the privacy of users and building a strong cybersecurity environment for the mobile application have not gone unnoticed.