We are excited to announce that the Luna 7 USB HSM is now FIPS 140-3 Level 3 validated. This certificate is a demonstration of our commitment to pioneering crypto advancements and delivering top-tier protection for our customers’ most sensitive data.

Key Details

• Luna USB HSMs listed under “Luna G7 Cryptographic Module”  (Certificate #4962) with FW v7.7.3. Certificate #4962 sunset date (2/6/2027) will be extended automatically until newer certificate with FW v7.9.0.

• FIPS changes need to be reviewed and tested with your applications before applying the upgrade, see https://thalesdocs.com/gphsm/luna/7/docs/usb/Content/compliance/fips.htm

• Customers simply need to download the latest firmware from our Customer Support Portal to review the security policy to maintain compliance with this validation.

• Luna Backup HSM 7 FIPS 140-3 validation anticipated end of Q2-2025.

• All FIPS 140-2 certificates will be moved to the Historical List as of Sept. 21, 2026, at which point they will no longer be valid.

About FIPS 140-3

FIPS 140-3 is the latest iteration of the benchmark industry leading security certification, replacing FIPS 140-2 as of Sept 2021. It demonstrates compliance to an internationally recognized set of security requirements for cryptographic modules defined by United States National Institute of Standards and Technology (NIST). The certification involves both functional testing alongside structured code review by a nationally accredited laboratory to confirm the product complies with its claimed level of security.

FIPS 140-2 has been in use since 1998, and the goal of FIPS 140-3 is to be more closely aligned to international standards, evolving requirements such as PQC and better suited to today’s technologies.

Quick Links

• Customer Support Portal
• Certificate Listing
• Thales CPL FIPS 140-3 Webpage

Questions?

Please contact your Thales Representative if you have any questions.