DEKRA accredited for FIPS 140-3 conformance testing in United States

The National Institute for Standards and Technology (NIST) and National Voluntary Laboratory Accreditation Program (NVLAP) have accredited DEKRA to perform FIPS 140-3 conformance testing at its Sterling, VA, USA, laboratory (NVLAB code 600319-0). The laboratory also received accreditation for Automated Cryptographic Validation Protocol (ACVP).

The Federal Information Processing Standards, also known as FIPS, is a collection of data security and computer system standards that govern the protection of data of the United States federal government. FIPS 140-3 is the current standard covering cryptography and includes four levels of security. DEKRA’s Sterling laboratory is accredited to conduct cryptographic module validations for all levels of the FIPS 140-3 standard.

“Cryptography is a key element of our customers’ cybersecurity strategies,” said Nithya Rachamadugu, Vice President and Lab Director for DEKRA North America. “By attaining FIPS-accreditation, we are able to expand our testing and certification services to not only meet our customers’ needs, but to keep their data safe and secure.”

In order to work with the United States federal government, FIPS 140-3 certification is required for hardware, firmware, and software products that utilize cryptography. In addition to manufacturers, government agencies, contractors, partners, service providers, and those who plan to do business with the U.S. federal government are required to adhere to FIPS when collecting, storing, sharing, transferring, or disseminating sensitive data.

With the new laboratory accreditation, DEKRA now offers FIPS 140-3 certification and assessment services from its laboratories in the United States, as well as Málaga, Spain, where its laboratory has been FIPS-accredited since 2008. The company offers comprehensive cybersecurity services and evaluations, including Common Criteria evaluations, Automated Cryptographic Validation Protocol (ACVP) testing, and Cryptographic Algorithm Validation Services (CAVS). DEKRA also offers penetration testing and evaluations for private cybersecurity service programs, such as Amazon AVS Security, CTIA IoT, and ETSI EN 303 645.

“Safety has taken on new dimensions in the digital era and has elevated cybersecurity to a critical business need,” said Bert Zoetbrood, President of DEKRA Americas. “We are proud to offer world-class cybersecurity services in North America as the trusted partner for a safe, secure, and sustainable world.”