The primary goal of the Project was to raise awareness among all stakeholders in the fields of Information and Communication Technologies (ICT) about the need to develop network services using secure methodologies that protect user privacy. The issue of web application and website security has become critical over the past decade, as both the number of cyber-attacks and the cost of cybercrime to the European economy have increased dramatically.
In summary, the Software and Web Service Analysis Tool, necessary for issuing the Digital Seal of Good Practice, focuses on applications and websites that collect user data. The service operates as follows:
- The business representative (developer or administrator) responsible for developing online services and websites visits and registers in the ASPIDA system, where they consent to have their website audited and provide the required contact details. They are also asked to answer a set of questions regarding how they store and manage user data, as well as the adoption of certain security best practices on their website.
- The audit is carried out automatically, and if successful, without any obvious security gaps detected, the system returns the Digital Seal of Good Practice to the developer. The Digital Seal certifies the system’s proper design and the date of the audit. Users can install a special browser plugin that displays the Digital Seal of Good Practice. The developer can use the relevant certificate to promote their product.
- If the audit detects security gaps, the website administrator can correct them and repeat the process until the desired result is achieved, ensuring that no errors remain from the audit. If changes are observed on the website, the content of the Digital Seal of Good Practice is automatically updated, provided the audit results differ. The Digital Seal of Good Practice is interactive, as each time a user chooses to interact with it, it automatically revalidates that the results are up-to-date and valid.
- Anonymous statistical data is sent to the Internet Security and Privacy Observatory. The Observatory will serve as a valuable tool for the State to measure the adoption of best practices in online service development and to shape appropriate policies.
OBSERVATORY-PDE
Internet Security and Privacy Observatory
Organisational Unit of Implementation
Information Systems, Applications and Cybersecurity Division
Funding Framework
NATIONAL PUBLIC INVESTMENT PROGRAM – MINISTRY OF DEVELOPMENT
Total Budget
418.000,00€
Scientific Manager
Nikoletseas Sotirios