Compliance
Securosys CloudHSM is powered by physical Hardware Security Modules (HSMs), specifically Primus HSM, which have earned the certifications listed on this page.
For clusters in FIPS mode, Securosys CloudHSM provides FIPS-approved HSMs that meet FIPS-2 Level 3 compliance requirements. Customers also have the option to choose clusters that are non-FIPS mode. For details on what certification and compliance requirements apply to each, review the different Service Packages.
FIPS 140-2 Level 3
This certification indicates that the HSMs have strong physical security, controlled access, and robust key management practices, making it suitable for protecting sensitive information in various applications.
- FIPS 140-2 Level 3 - Certificate #4583 | Certificate #3430
- FIPS 140-3 (Certification in progress) - You can follow NIST's current testing list, where the Securosys Primus HSM has been submitted for evaluation since December 2024. Implementation Under Test List
As of 10.02.2023, the Primus HMS devices are FIPS 140-2 Level 3 certified for v2.5.14-f.
More details can be found on our Support Portal, including Release Notes and Firmware files.
Our v3.1.0 firmware is currently undergoing evaluation for FIPS 140-3 Level 3 and is expected to be certified in 2025.
Cryptographic Algorithm Validation Program (CAVP)
This program indicates that the algorithms and functions heir ability to securely handle encryption, key management, and other cryptographic operations in compliance with federal regulations.
Explore the detailed algorithm certificates
Common Criteria EAL4+
View the HSM certificate | View the QSCD attestation
Securosys CloudHSM uses Hardware Security Modules (HSMs) that are Common Criteria EAL4+ certified and comply with eIDAS protection profile EN 419 221-5, relevant for compliant qualified signatures.
This ensures compliance with the strict requirements for Qualified Electronic Signature (QSCD) and Seal Creation Device (QSealCD) as well as SCAL2 compliance according to EU regulation 910/2014, normed in EN 419-241-2.
As of 18.01.2024, the Primus HMS devices are CC EAL4+ certified for v2.8.21.
More details can be found on our Support Portal, including Release Notes and Firmware files.
Our v3.1.0 firmware is currently undergoing evaluation for CC and is expected to be certified in 2025. The current certificate is valid until April 2026.
ISO/IEC 27001
This certification reflects the high standards upheld by the team responsible for managing and securing the service, particularly in protecting sensitive information, risk management, and security controls.
All data centers hosting CloudHSM instances worldwide are also ISO/IEC 27001 certified and meet or exceed Tier 3 standards, ensuring robust physical security and infrastructure resilience.
ISO 9001:2015
This certification demonstrates Securosys’s commitment to high standards of quality management across its operations. It ensures that every aspect of the service, from design to delivery, follows a systematic and reliable process that prioritizes customer satisfaction and continuous improvement.
Compliance list last update: September 2024