FIPS 140-2
If your app needs to communicate with the US government or Department of Defense, any hardware and software you use needs to be FIPS 140-2 validated. FIPS stands for the Federal Information Processing Standards and 140-2 is the second version of the Security Requirements for Cryptographic Modules standard.
The standard defines 4 levels of FIPS 140-2, which are as follows:
Level 1, the lowest, imposes very limited requirements; loosely, all components must be “production grade” and various egregious kinds of insecurity must be absent.
Level 2 adds requirements for physical tamper-evidence and role-based authentication.
Level 3 adds ...
Get Bulletproof Android™: Practical Advice for Building Secure Apps now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
