Certifications

Certifications

FIPS 140-2
Certification

Issued by the National Institute of Standards and Technology (NIST), the Federal Information Processing Standard (FIPS) is a US security standard that helps ensure companies that collect, store, transfer, share, and disseminate sensitive but unclassified (SBU) information and controlled unclassified information (CUI) can make informed purchasing decisions when choosing devices to use in their workplace.

Samsung KNOX meets the requirements for FIPS 140-2 Level 1 certification for both data-at-rest (DAR) and data-in-transit (DIT).

DISA
Approved
STIG

The Defense Information Systems Agency (DISA) is an agency within the US DoD that publishes Security Technical Implementation Guides (STIGs) which document security policies, requirements, and implementation details for compliance with DoD policy.

DISA approved the STIG for Samsung KNOX 2.x.

DISA
Approved
Product List

DISA has approved select KNOX-enabled devices to the US DoD Approved Products List (APL).

Note

Select Samsung KNOX-enabled devices and tablets are certified under the National Information Assurance Partnership (NIAP) Common Criteria (CC) Mobile Device Fundamental Protection Profile (MDFPP).

Common
Criteria
Certification

The Common Criteria for Information Technology Security Evaluation, commonly referred to as Common Criteria, is an internationally-recognized standard for defining security objectives of information technology products and for evaluating vendor compliance with these objectives. A number of Governments use Common Criteria as the basis for their own certification schemes.

Select Galaxy devices with KNOX embedded received Common Criteria (CC) certification. The current CC certification targets the new Mobile Device Fundamentals Protection Profile (MDFPP) of the National Information Assurance Partnership (NIAP), which addresses the security requirements of mobile devices for use in enterprise.

Samsung KNOX is approved by the United States government as the first NIAP-validated consumer mobile devices to handle the full range of classified information.

ANSSI

Samsung KNOX has obtained first-level security Certification Sécuritaire de Premier Niveau (CSPN) from the Agence nationale de la sécurité des systèmes d’information (ANSSI). The CSPN methodology and criteria is defined by ANSSI with evaluations run by ANSSI accredited testing labs.

ISCCC

Samsung KNOX received the security solution certificate by the China Information Security Certification Center (ISCCC). Samsung worked closely with ISCCC to develop the certification process, including device requirements and security standards. By securing the critical ISCCC certification, Samsung has a stronger foothold to garner mobile device contracts with China’s regulated industries, including government authorities, ministries, and finance.

CSfC

Fifteen Samsung devices have been listed in the NSA/CSS's Commercial Solutions for Classified Program (CSfC) for approved security components.

CESG
Approved

The Communications and Electronic Security Group (CESG) approved KNOX-enabled Android devices for United Kingdom government use.

FICORA

Samsung devices with KNOX fulfill national security requirements as defined by the Finnish National Security Auditing Criteria (KATAKRI II).

ASD

Australian Signals Directorate: ASD endorsing the Protection Profile for Mobile Device Fundamentals as well as recognizing evaluations against this Protection Profile.

Note

For the most recent updates to Samsung KNOX certifications, see the following link:
https://www.samsungknox.com/en/security-certifications