FIDO currently accredits Security Labs to perform FIDO Security Evaluations as part of Authenticator Level 2 (L2) Certification.
Accredited Security Laboratory List
|Applus+ Laboratories||Level 2||June 1, 2017|
|Brightsight||Level 2||June 1, 2017|
|DPLS Lab||Level 2||June 1, 2017|
|TTA||Level 2||June 1, 2017|
|UL Verification Services Inc.||Level 2||June 8, 2017|
FIDO is accepting applications for Accreditation (see process below), and new Accredited Laboratories will be added once they are issued an Accreditation Certificate.
Laboratory Accreditation Process
The full Accreditation process and requirements for laboratories is defined in the Security Laboratory Accreditation Policy.
- Review the FIDO Security Laboratory Accreditation Policy, ensure your lab meets the minimum third-party accreditation requirements (below).
- Complete the FIDO Accreditation Application Form and submit it to FIDO.
- If the application is Approved, schedule an on-boarding call with the FIDO Security Secretariat.
- Complete the Legal Agreements.
- Schedule Training and Knowledge Testing.
- Pay Accreditation Fees, Create a FIDO Account for Approved Evaluators, and Complete the Accreditation Certificate Request.
Third-Party Accreditation Requirements
A laboratory must have Accreditation from at least one of these ISO 17025 programs:
|Scope||Program||Area of Accreditation|
|ISO/IEC 17025:2005 – ITST||Cryptographic and Security Testing||Basic Cryptographic and Security Testing
Cryptographic Modules – HW & SW Testing
|ISO/IEC 17025:2005 – ITST||Common Criteria Testing||CC Testing|
Additionally, the laboratory must have Accreditation from at least one of the following Accepted Third-Party Accreditations:
|Common Criteria||CC Licensed Lab||https://www.commoncriteriaportal.org/labs/|
|FIPS 140-2||NVLAP Information Technology Security Testing (ITST) Cryptographic and Security Testing||https://www-s.nist.gov/niws/index.cfm?event=directory.search#no-back|
|CCTL||NVLAP Information Technology Security Testing (ITST) Common Criteria Testing||https://www-s.nist.gov/niws/index.cfm?event=directory.search#no-back|
|GlobalPlatform TEE||TEE Accredited Laboratory||https://www.globalplatform.org/teecertificationlaboratory.asp|
|EMVCo||EMVCo Lab Accreditation||https://www.emvco.com/approvals.aspx?id=104|
|China Information Security Certification Center (ISCCC)||National Information Security Product Certification Organization
Information Security Risk Assessment Service Qualification Organization
FIDO Laboratory Accreditation Fees
The following fees apply to Laboratory Accreditation:
|Initial Accreditation Fee||$11,500 USD||$15,000 USD|
|Yearly Fee||$3,800 USD||$5,000 USD|
|Renewal Assessment Fee||$11,500 USD||$15,000 USD|
Initial Accreditation Fee
The Initial Accreditation Fee is due prior to the issuance of the Laboratory Accreditation Certificate.
The yearly fee will be due yearly on the Certificate Issuance date. The Yearly Fee does not apply on years where there is a Renewal Assessment Fee.
Renewal Assessment Fee
The Renewal Assessment fee will be due every three years from the Certificate Issuance date. Laboratories are required to complete the Renewal Assessment process prior to the expiration of their Certificate.
Accredited Laboratory Dashboard
Accredited Laboratories can Login to view their Dashboard.