Entrust Inc. finalized a pair of government approvals with FIPS 201 and FIPS 140 certifications for the company’s PIV smart card credential technology, which was reviewed, tested and certified by the National Institute of Standards and Technology.
These certifications demonstrate interoperability with established NIST standards. To ensure a seamless deployment, many organizations will only purchase solutions that carry certain certifications.
Based on standards set by the U.S. government, these certifications help ensure interoperability by vetting protocol conformance for smart cards — FIPS 201 — and testing cryptography strengths — FIPS 140. These approvals complement and support Entrust’s existing Common Criteria EAL 5 certification.
Reviewed by the NIST PIV Platform Validation Authority, FIPS 201 certification focuses on interoperability between the PIV application and other parts of the PIV solution, including physical access readers and logical access clients. The strict certification also verifies the smart card can withstand many years of rigorous wear and tear.
FIPS 140 certification ensures a solution meets or exceeds U.S. government security standards that specify requirements for cryptography modules and physical tamper-resistance. An example includes testing the elliptic curve cryptography implementation used within the solution.