SEOUL, Korea (22 May 2014) – Today, Samsung Electronics Co., Ltd. (“Samsung”) announced that as of April 30, 2014 the GALAXY S5 and Note 10.1 2014 Edition became the latest KNOX-embedded devices to have received Common Criteria (CC) certification from the National Information Assurance Partnership (NIAP).
Common Criteria certifies the design and implementation of security-sensitive products and provides assurance that the specification, implementation, and evaluation of each solution have been thoroughly analysed to meet the Common Criteria requirements. It assures that certified devices are independently evaluated and verified to meet fundamental security requirements specified in the Protection Profile and the certification is currently recognised across 26 countries globally through the Common Criteria Recognition Arrangement (CCRA).
Previous requirements already existed to protect traditional mobile devices and operating systems but as they became more and more vulnerable to ever-changing and increasingly intelligent forms of attack, a more robust standard was needed. The NIAP set up a new standard, Mobile Device Fundamentals Protection Profile (MDFPP), that includes over 80 essential core device security requirements, such as Key Management, Crypto Module, Device Encryption, WiFi Security, Screen Lock and Mobile Device Management (MDM). The MDFPP published in October 2013 addresses the security requirements of mobile devices for use in enterprise.
“As a leading provider of Android devices, it is Samsung’s mission to make the Android platform even more secure to lead the enterprise mobility market,” said JK Shin, President and CEO, Head of IT & Mobile Communications Division at Samsung Electronics. “This MDFPP CC certification is the culmination of Samsung’s effort to provide customers with enhanced and independently verified security technologies. We are delighted that we can add both the GALAXY S5 and Note 10.1 2014 Edition to the list of Samsung mobile devices that are Common Criteria certified.”
Along with CC certified security features, which include on-device encryption and secure data connectivity, Samsung GALAXY devices are also protected by Samsung KNOX – a holistic array of security enhancement from the hardware layer all the way to the application layer and KNOX security platform is built on the cryptographic module, which is CC certified. Thanks to this combination, both Samsung’s enterprise customers and individual users will be able to enjoy safe, secure access to networks and high-value information assets both at work and at home, having the ability to carry and use one device for both business and personal use.
Beginning with the GALAXY S Ⅱ’s FIPS 140-2 certification of on-device cryptographic module, Samsung has been continuously validating its key cryptographic modules, and in Feb 2014, GALAXY S4, Note 3, NotePRO 12.2 became the first MDFPP CC certified devices in mobile industry. As of this writing Samsung is the only mobile device vendor to have MDFPP certified mobile devices.
