Skip to main content

Frequently asked questions

Who is XFA?

XFA is a security technology company based in Belgium, founded to do device security better and committed to enable modern work. XFA is developed according to the highest quality and privacy standards and is regularly audited by external parties. XFA is fully committed to supporting the General Data Protection Regulation (GDPR) and we are proud to be ISO 27001 certified, a testament to our adherence to high security standards. Why is device security important? On average, 40% of devices used for work are unsafe, and 1/3 of cyber incidents are related to these devices. Your organization acknowledges the importance of ensuring that all devices used for work and for accessing its applications are secure. By doing so via XFA, cyber incidents can be significantly minimized.

Why use XFA?

XFA can ensure that only secure devices get access to your organization's applications, in a way that respects privacy. Our approach aligns with the requirements of certification standards like ISO 27001, SOC 2, and NIS2.

What exactly does the XFA software do?

During the login process to business applications, we conduct essential device security checks proven to protect against cyber threats, such as malware, ransomware, and data theft. In case of any issues, we provide guidance on resolving them.

How does XFA work?

You can install XFA within 3 minutes without the need to create an account. On desktop, XFA operates using a browser extension and a small native program (used to perform the tasks of security checks) installed on your computer. This setup enables us to communicate with you through the browser and conduct device security checks efficiently. On mobile, XFA operates via a native app.

Can XFA take or give control to my computer?

XFA does not give any control to anyone of your device. XFA only verifies certain device security information. These checks happen in a privacy-respecting, non-intrusive way, without requiring any elevated administrative rights on your device. The focus of XFA is limited to running essential security checks, and sharing information about this with your organization to support the compliance of your organization.

What information does XFA share with your organization?

We share information about essential security checks for each device used to log into your organization's applications, such as whether your operating system and browser are up-to-date, if your data is encrypted, whether you have a password manager installed, … . The precise selection of security checks and access rules (policy), including the timeframe to comply with a security check, are defined by your organization.

Does XFA share personal information with your organization?

XFA places a high value on privacy and is working in full GDPR compliance. We do not collect any personal information from your computer, we do not track which websites you visit or which applications you have installed, nor do we monitor when or for how long you log into your computer or applications.