UL becomes a fully appointed Common Criteria Information Technology Security Evaluation Facility (ITSEF), under the UK Scheme run by CESG
March 2013 by Marc Jacob
UL is pleased to announce that their UK-based laboratory has successfully completed the process to achieve Common Criteria accreditation to ISO/IEC 17025 by the UK Accreditation Service (UKAS) and full ITSEF appointment under the UK IT Security Evaluation and Certification Scheme operated by CESG.
This accreditation and appointment means that UL can now undertake security evaluation to the highest level of vulnerability analysis (AVA_VAN.5). This helps their customers globally with security evaluation of their products to assess whether they meet state-of-the-art security assurance levels as per their claims.
Common Criteria (CC) is an international standard for IT security evaluation and certification. It provides assurance that manufacturers’ claims over the security features of their products are valid and have been independently tested against recognized criteria. Independent testing laboratories, known as Information Technology Security Evaluation Facilities (ITSEFs), carry out CC evaluation. CC certification by CESG’s Certification Body is internationally recognized through the worldwide CC Recognition Arrangement (CCRA) and the European SOG-IS Mutual Recognition Agreement (MRA).
Richard Manning, Head of CESG’s Certification Body, added: “We are pleased to welcome UL as an accredited and fully appointed ITSEF to undertake CC evaluations for customers. This UKAS accreditation and CESG full appointment supports CESG’s objective to continue to provide confidence in the security of evaluated IT products.”
Card and terminal manufacturers can rely on UL´s extensive offering with regards to their security evaluation requirements, as well as functional testing and advisory services to address their global market access needs.
UL’s transaction security services were formed after the acquisition of RFI Smart (part of RFI Global Services Ltd) in 2010 and Collis and Witham Laboratories in 2012. On the 1st of November 2012, the three companies rebranded to UL and became one. Under the UL umbrella they offer extensive advisory services, training, test and certification services, security evaluation services and test tools to the payment, mobile, e-ticketing and ID management domains worldwide.