nShield® HSMs certified to eIDAS Protection Profile EN 419 221-5
CAMBRIDGE, England & SUNRISE, Fla.–(BUSINESS WIRE)–nCipher Security, an Entrust Datacard company and provider of trust, integrity and control for business-critical information and applications, announces that its nShield® XC hardware security modules (HSMs) have received Common Criteria EAL4+ certification. This certification confirms that nShield HSMs meet the requirements of the European Union’s electronic Identification, Authentication and Trust Services (eIDAS) regulation.
“Our company has long championed best practices and industry standards, and this level of security certification demonstrates our commitment to achieving the highest standards and compliance requirements,” says Peter Galvin, vice president strategy, nCipher Security. “Common Criteria EAL4+ certification is based on independent review of the nShield XC HSM and its security properties, which is a powerful tool for building trust and confidence for nCipher customers. By meeting this standard, government agencies and private sector enterprises deploying nCipher HSMs can be assured they are implementing the most secure solutions available.”
With this Common Criteria certification, service providers who issue digital certificates, time stamps, or digital signatures can use nShield HSMs as a part of eIDAS compliant solutions. eIDAS compliance is required in the European Union, and has been adopted by many other countries around the world for government-to-government and government-to-citizen services, provision of public services and website certificates, and regulated markets such as banking, financial services and healthcare. eIDAS can be used for any cross-border services such as car rental, or whenever a business wants to ensure the legal validity of an electronic signature.
About Common Criteria
The international Common Criteria standard was developed to unify and supersede national IT security certification schemes from several different countries, including the US, Canada, Germany, the UK, France, Australia, and New Zealand. Common Criteria certified solutions are required by governments and enterprises around the world to protect their mission-critical infrastructures. Common Criteria is often a prerequisite for qualified digital signatures under the European Union digital signature laws. Under Common Criteria, a product is evaluated to one of seven specific Evaluation Assurance Levels (EALs). nCipher nShield Connect, nShield Connect+, nShield Solo, nShield Solo+ and now nShield Solo XC and nShield Connect XC have all been certified to EAL4+, ensuring customers have the utmost confidence in nCipher’s range of advanced cryptographic solutions.
The eIDAS regulation was created to establish trust in electronic transactions between individuals, organizations and government entities across European Member States. Under eIDAS, citizens and businesses can use their native national electronic identification schemes (eIDs) when accessing public services within other EU Member States that use eIDs. Additionally, this regulation implements standards for electronic signatures, time stamps, electronic seals, and other proof of authentication, including electronic certification and registered delivery services that give those electronic transactions the same legal status as if they were conducted on paper.
nShield Solo XC and Connect XC HSMs:
- eIDAS and Common Criteria EAL4 + AVA_VAN.5 and ALC_FLR.2 certification against EN 419 221-5 Protection Profile, under the Dutch NSCIB scheme
- Can form the basis of an EN 419 241-2 certified remote signing system for eIDAS.
- Compliant with BSI AIS 31 for true and deterministic random number generation
nShield Solo, Solo+, Connect, and Connect+ HSMs:
- Common Criteria EAL4 + AVA_VAN.5 and Qualified Signature/Seal Creation Device (QSCD), certified under the Italian OCSI scheme.
nCipher nShield HSMs are also certified to FIPS 140-2 Level 2 and Level 3, a standard defined by the US National Institute of Standards and Technology (NIST) and the most widely adopted security benchmark for cryptographic solutions in government and commercial enterprises. nCipher‘s participation in the Common Criteria scheme complements FIPS validation by providing a broader scope for evaluation including further assurance that the product has been developed in accordance with internationally recognized best practice.
About nCipher Security
nCipher Security, an Entrust Datacard company, is a leader in the general-purpose hardware security module (HSM) market, empowering world-leading organizations by delivering trust, integrity and control to their business critical information and applications. Today’s fast-moving digital environment enhances customer satisfaction, gives competitive advantage and improves operational efficiency – it also multiplies the security risks. Our cryptographic solutions secure emerging technologies such as cloud, IoT, blockchain, and digital payments and help meet new compliance mandates. We do this using our same proven technology that global organizations depend on today to protect against threats to their sensitive data, network communications and enterprise infrastructure. We deliver trust for your business critical applications, ensure the integrity of your data and put you in complete control – today, tomorrow, always. www.ncipher.com