nCipher first company to be awarded FIPS 140-2 certification for Hardware Security Modules
Cambridge, UK – 24 March 2003 – nCipher plc (LSE:NCH), a leading provider of IT cryptographic security, today announced it had received the first Federal Information Processing Standard (FIPS) 140-2 certification awarded by the US government to a hardware security module. nCipher, which has more FIPS 140-certified products than any other company, has received FIPS 140-2 certifications for its nShield, payShield and nForce hardware security modules.
FIPS 140-2 is the latest version of the U.S. government’s stringent security standard for cryptographic modules and is widely accepted as the benchmark for measuring the security assurance of these products.
“FIPS 140-2 is one of the most stringent standards in the IT security market and a benchmark for best practice hardware security. The validation to FIPS 140-2 is testament to the strength of design of our hardware security modules” says Richard Moulds, vice president marketing, nCipher. “Our customers are increasingly demanding FIPS-certified hardware as legislation such as HIPAA and Gramm-Leach Bliley demand heightened levels of protection for personal data. This certification puts us several steps ahead of the market and shows our customers that they can trust their data is secured to one of the highest levels possible.”
FIPS 140-2 is a US government standard that is administered by the National Institute of Science and Technology (NIST) and the Canadian Communications Security Establishment (CSE.) The FIPS 140-2 standard is used to ensure that cryptographic modules meet specified cryptographic security standards for applications used in the financial community, government and other industry sectors. Cryptographic modules are tested by government-certified laboratories to ensure they meet the standard’s requirements and the results of the tests are closely scrutinized by NIST and CSE. In 1998, nCipher was the first company to obtain a Level 3 validation to the previous FIPS 140-1 standard for a combined key management and cryptographic accelerator product and is now, once again, the first company to receive FIPS 140-2 validations for a hardware security module.
About nCipher’s Hardware Security Modules
nShieldÃ¢â€ž? — a tamper resistant hardware security module that has been validated to the Federal Information Processing Standard (FIPS) 140-2 Level 3, a benchmark that is frequently applied to secure systems. Combining secure key management, transaction acceleration, and tamper resistant physical hardening, nShield delivers high security, speed and scalability in a single package. nShield is well suited to a variety of security infrastructures, such as certificate authorities, online certificate validation services, database encryption and numerous custom applications.
payShieldÃ¢â€ž? — a FIPS 140-2 level 3 validated HSM designed specifically to meet the security needs of card-issuing banks, payment processors, merchants and e-payment solution providers as they implement the 3-D Secure protocol through Verified by Visa and Mastercard SecureCode and other standards. Helping organizations build a secure e-payment infrastructure, payShield delivers high-speed cryptographic processing in a tamper-resistant hardware security module providing comprehensive key management capabilities for both symmetric and asymmetric keys within a single device, and supporting special APIs that enable the integration of customized encryption, decryption and signing functions.
nForceÃ¢â€ž? — provides secure and flexible key management facilities combined with powerful SSL acceleration. Targeted at online services requiring secure communications, nForce is the leading secure e-commerce accelerator available today.
nCipher is redefining cryptographic security to protect points of risk across the enterprise-from network appliances to Web servers, to custom software applications and back-end databases. nCipher provides hardware and software solutions that enable organizations to implement best practice security by addressing the challenges of cryptographic key management and performance. Many of the world’s leading organizations – from Microsoft and Barclays Bank to PricewaterhouseCoopers and the U.S. Navy – rely on nCipher to deliver a sound e-security infrastructure. nCipher’s products are particularly well suited to organizations with high volumes of security-sensitive transactions, such as banking and financial institutions, government departments, e-retailers and online service providers. nCipher is listed on the London Stock Exchange as a TechMARK 100 company (LSE:NCH) with offices in Cambridge, UK; Boston, New York, Paris, Hamburg, Singapore and Tokyo. For more information on nCipher, visit www.ncipher.com.