The Federal Information Processing Standard (FIPS) 140-3 is a U.S. government security standard that specifies the security requirements used to validate cryptographic modules, which must be met in order for products to be validated under the Cryptographic Module Validation Program (CMVP).
For vendors, a successful FIPS 140-3 validation can be essential to selling their products in US and international markets. FIPS 140-3 has also proliferated into other verticals, like healthcare (HIPAA) and the financial industry. Intertek’s experienced Cryptographic Module Validation Program (CMVP) accredited laboratories can help you understand and navigate the process to ensure a successful validation.
FIPS 140-3 is the latest update for validating the effectiveness of cryptographic modules. FIPS 140-3 supersede FIPS 140-2 and is the only submissions being accepted by the CMVP. The standard provides four levels of security intended to cover a range of applications and environments.
We seek to engage early on and adopt risk mitigating processes whereby non-compliance is identified early on, fixes are discussed and planned, testing methodology is defined in advance to allow your teams to plan accordingly and schedule is tracked religiously to ensure our progress is in step with your development and test plans.
We have leveraged our considerable experience in FIPS 140 validation to develop custom tools and processes to offer a best-of-breed certification experience to our clients.
For vendors, a successful FIPS 140-3 validation can be essential to selling their products in US and international markets:
Algorithm testing is an important step for the FIPS module validation process. While it is the most objective part of the validation process, it does not require specialized tools or skills to execute.
