AI-powered evaluation using the Model Context Optimization BS Detection Framework, based solely on publicly available website content.
Based on 235 businesses audited.
OneSpan has 1.4 points more BS than the average for Security, Surveillance & Cybersecurity.
Security, Surveillance & Cybersecurity BS: OneSpan (vasco.com)
OneSpan delivers a high-substance enterprise offering that successfully avoids the ’empty suit’ syndrome common in cybersecurity. While it suffers from a lack of structured data and leans on industry clichés, the forensic evidence of deep-stack integrations and Tier-1 client success stories proves the signal is genuine. It is a low-BS site that prioritizes functional proof over marketing air.
Implement Organization and Person schema immediately to fix the technical authority gap and link to official sameAs profiles. Replace the anonymous ‘Top bank’ case study on the Integrations page with the specific Bank of Montreal details used elsewhere. Provide direct outbound links to the G2 Winter/Spring 2026 reports to validate the ‘Leader’ badges. Reduce the frequency of power words in H2 and H3 tags, replacing them with specific outcome-based nouns.
The site maintains a relatively high substance-to-fluff ratio, evidenced by the inclusion of specific technical integrations (Salesforce, Guidewire, Workday) and named enterprise clients (NASA, IBM, BMO). While headings like ‘Growth. Every business is looking for it’ are pure fluff, they are immediately followed by specific metrics such as ’30 min’ time savings for BMO and ’21 Countries’ for Standard Chartered. The presence of exact regulatory standards like ISO 27001, FedRAMP, and HIPAA offsets the 10+ instances of power words like ‘seamless’ and ‘world-class’.
AI does not consolidate duplicates — it embeds whatever it crawls. Generate your URL & Canonical Hygiene Audit to quantify the identity conflicts that break your semantic cohesion.
Drift is minimal. The homepage H1 ‘High-assurance authentication’ is directly supported by the sub-page ‘Stay safe with bank-grade security standards’ and technical FAQ sections explaining public-key cryptography. The ‘Enterprise’ focus claimed on the homepage is validated by the ‘Integrations’ page, which lists complex vertical business applications like Guidewire PolicyCenter rather than simple SMB tools. There is a slight disconnect in the ‘Contact Us’ page logos compared to the homepage, but both prioritize Tier-1 financial institutions.
Identify the current state and friction diagnosis of your specific business model. Generate your Executive SEO Strategy to quantify the financial or conversion cost of strategic misalignment.
Trust theatre is present but partially mitigated. The site displays ‘G2 Spring 2026’ badges (current as of May 2026) and mentions a ‘review_count’ of 5-6 across pages, yet the ‘proof_links_count’ remains at 1, indicating a lack of direct click-throughs to raw third-party data. The use of a ‘Top bank’ testimonial without a name on the Integrations page is a classic BS pattern, though it is neutralized by the explicit naming of BMO and RBC elsewhere.
Proof density is high for the SaaS sector. Across 4 pages, there are over 12 named enterprise clients and 5+ specific technical integrations mentioned by name. The ratio of vague assertions like ‘accelerate revenue’ to specific proof points like ‘FedRAMP compliant’ is roughly 2:1, which is significantly better than the industry average.
To examine how structural entropy affects chunking and retrieval, review the Moz Semantic HTML audit. View the Moz Semantic HTML Audit for a complete example of heading logic, landmark integrity, and DOM depth diagnostics.
The site heavily uses industry jargon such as ‘threat intelligence’ and ‘compliance framework,’ matching 6 distinct patterns in the industry dictionary. The value proposition of ‘security meeting simplicity’ is a common cliché, but the specific focus on white-labeled UI for banks provides a degree of unique positioning. Template fingerprints are high, particularly in the ‘Resources’ and ‘FAQ’ sections which follow standard SaaS layouts.
A significant technical gap exists as the ‘schema_json’ is null across all crawled pages, which is contradictory for a company claiming to lead in ‘digital agreements’ and ‘technical excellence.’ There are no named experts or leadership profiles in the primary headings or body text, relying entirely on the brand’s corporate identity. The absence of Person schema or sameAs links for key technical staff creates an ‘authority vacuum’ behind the corporate shield.
Performance claims are generally well-supported by specific client logos (USPS, Deutsche Bank) and percentage-based ROI stats (60% shortened time-to-revenue). However, the claim of being the ‘eSignature software enterprises love’ is a subjective marketing assertion that lacks a direct link to the user satisfaction reports it references. The ‘bank-grade security’ claim is substantiated by a list of 8+ specific compliance certifications.
Security, Surveillance & Cybersecurity BS: OneSpan (vasco.com)
The site strongly aligns with the Security and Cybersecurity category, specifically focusing on identity verification and secure digital agreement workflows. The content moves beyond generic protection claims to specific technical applications like eIDAS compliance and high-assurance authentication.
Your site's meaning is determined by its graph, not its menus. Review the Internal Linking Architecture Framework to see how AI interprets nodes, edges, and authority flow inside your domain.
“The score of 37 is primarily driven by the 'Identity and Authority' pillar (10/15) due to the total absence of structured schema and named human experts. 'Trust and Proof' also contributed points (9/20) due to the low proof-link-to-review ratio. The site's high information density and consistent messaging across pages prevented a higher BS score.”