Challenges of FIPS Validation

• LENGTH: It can take anywhere from 8-12 months
• COMPLEXITY: According to NIST, 48% of cryptographic modules submitted by new applicants and 20% of returning applicant modules contain security flaws. A full 30% of algorithms tested by NIST do not conform to the FIPS standard
• COST: first time validations cost between US$50,000 and US$100,000, and each platform must be validated separately
• EVOLUTION: the standards are constantly evolving and require monitoring to ensure continued compliance

The Certicom Security Architecture helps you to avoid the challenges of the FIPS Validation process.

Simply by integrating Security Builder GSE as the software cryptographic provider for your application, you can claim that your product contains FIPS 140-2 Validation without having to submit it to the process. As new requirements for FIPS 140-2 evolve, Certicom will monitor the changes for you so that you can preserve resources and focus on extending the features of your product.