Security Certifications for Primus HSM
Our commitment to delivering secure, reliable, and quality Hardware Security Modules (HSM) is reflected in our compliance with the industry's most stringent certifications.
FIPS Validation
FIPS 140-3 is the latest iteration of the standard for validating the effectiveness of cryptographic hardware. It aligns with the international standard ISO/IEC 19790. This certification indicates that our HSMs have strong physical security, controlled access, and robust key management practices, making them suitable for protecting sensitive information in various applications. Learn more on the NIST website.
- FIPS 140-2 Level 3: Certificate 4583 | Certificate 3430
- FIPS 140-3 Level 3 (certification in process) - view the implementation under test list.
Securosys obtained its FIPS 140-2 Level 3 certification in April 2019. The current certification was renewed in December 2019 and September 2023. It is currently sunsetting due to the transition to FIPS 140-3, which has been in process since May 2023. The certificate remains valid but has not been updated to reflect the latest guidance and standards. Learn more about the Cryptographic Module Validation Program.
Cryptographic Algorithm Validation Program (CAVP)
This certification confirms that cryptographic algorithms and helper functions are implemented correctly according to stringent standards set by NIST and U.S. federal regulations. By validating aspects like key scheduling and function compliance, CAVP ensures that algorithms can securely manage encryption, key handling, and cryptographic operations, supporting high security standards for sensitive data.
- Explore the detailed algorithm certificates.
All NIST-approved algorithms were recertified in August 2024 for all Securosys HSMs. In addition, the new PQC algorithms ML-KEM, ML-DSA, and SLH-DSA were certified in November 2024.
Common Criteria EAL4+ Certification
The Primus HSM (Firmware 3.1.0) by Securosys SA is a high-performance Hardware Security Module designed to meet the world’s most stringent security requirements. By achieving Common Criteria EAL4+ certification, we provide a verified foundation for eIDAS compliance, qualified signatures, and critical infrastructure protection.
The Common Criteria (CC) certification is the international benchmark for IT security. Our Target of Evaluation (TOE) has been rigorously tested against specific Protection Profiles (PP) to ensure it provides implementation-independent security for high-assurance environments.
- EAL4+ (Augmented with AVA_VAN.5): Certified to withstand high-level unauthorized penetration attempts, making it suitable for government and enterprise-grade security.
Qualified Trust Services & eIDAS Compliance
The Primus HSM is purpose-built to support the European eIDAS regulation for electronic identification and trust services. It is certified according to:
- EN 419 221-5: Protection Profile for Cryptographic Modules for Trust Services.
- EN 419 241-2: Protection Profile for QSCD for Server Signing.
Together, these certifications confirm that the Primus HSM operates as a Qualified Signature Creation Device (QSCD), enabling the creation of legally binding electronic signatures and seals.
German BSI Technical Guidelines & SM-PKI
For the German market, the Primus HSM serves as a cornerstone for Secure Gateway and Smart Metering infrastructures. It supports full compliance with the BSI Technical Guidelines, specifically:
- BSI TR-03109: Defining security requirements for Smart Meter Gateways and their associated public key infrastructure (SM-PKI).
- BSI TR-03121 / BSI TR-03153: Specifying the use and evaluation of HSMs within Secure Element and Technical Security System (TSE) frameworks.
ISO/IEC 27001
Securosys CloudHSM service has achieved ISO/IEC 27001 certification, confirming that the team managing the service adheres to strict information-security practices. Additionally, all data centers hosting CloudHSM instances meet or exceed Tier-3 standards, providing high levels of physical security and infrastructure resilience.
About CloudHSM
CloudHSM is built upon Securosys' Primus HSM devices, which are rigorously tested and certified to meet the highest security standards. Primus HSMs comply with FIPS 140-2 Level 3, and are Common Criteria EAL4+ certified.
As mentioned above, Securosys CloudHSM uses real Hardware Security Modules, which are also Common Criteria EAL4+ certified and comply with EN 419 221-5. This ensures compliance with the strict requirements for a Qualified Electronic Signature Creation Device (QSCD) and Seal Creation Device (QSealCD), as well as SCAL2 compliance according to EU regulation 910/2014, standardized in EN 419 241-2.
