Security certifications for Apple apps
Common Criteria (CC) certification background
Apple actively engages in security certifications of Apple apps using appropriate Protection Profiles (PPs). These evaluations build on the hardware and operating system certifications that Apple has gained. In 2018, Apple initiated application security evaluations for key applications running on iOS 11 with the Safari browser and Contacts apps. Apple continued these evaluations on apps running in iOS 12 in 2019 and iOS 13 and iPadOS 13.1 in 2020.
Apple will pursue further security evaluations of key apps on future operating system releases.
Cryptographic module certification status
Apple apps listed in the tables below use the cryptographic modules for the applicable operating system. For more information, see Security certifications for iOS and Security certifications for iPadOS.
Common Criteria (CC) certification status
The U.S. scheme, operated by NIAP, maintains a list of Products in Evaluation; this list includes products that are currently undergoing evaluation in the United States with a NIAP-approved Common Criteria Testing Laboratory (CCTL) and that have completed an Evaluation Kickoff Meeting (or equivalent) in which CCEVS management officially accepts the product into evaluation.
After products are certified, NIAP puts currently valid certifications on its Product Compliant list. After 2 years, these certifications are reviewed for conformance with the current assurance maintenance policy. After the assurance maintenance date has expired, NIAP moves the certification listing to its Archived Products list.
The Common Criteria Portal lists certifications that can be mutually recognized under the Common Criteria Recognition Arrangement (CCRA). The CC Portal may maintain products on the certified product list for 5 years; records are kept by the CC Portal for archived certifications.
The table below shows the certifications that are currently being evaluated by a laboratory, or that have been certified as conforming with Common Criteria.
Evaluations with NIAP that are published as being under way are listed at Products in evaluation (NIAP).
Operating system / Certification date | Scheme ID / Documents | Title / Protection Profiles |
|---|---|---|
Operating system: iOS 13, iPadOS 13 Certification date: 2020-06-05 | Scheme ID: 11060 Documents: Certificate, Security Target, Guidance, Validation Report, Assurance Activity Report | Title: Apple iOS 13 and iPadOS 13: Safari Protection Profiles: PP for Application SW, EP for Web Browsers |
Operating system: iOS 13, iPadOS 13 Certification date: 2020-06-05 | Scheme ID: 11050 Documents: Certificate, Security Target, Guidance, Validation Report, Assurance Activity Report | Title: Apple iOS 13 and iPadOS 13: Contacts Protection Profiles: PP for Application SW |
Operating system: iOS 12 Certification date: 2019-06-12 | Scheme ID: 10960 Documents: Certificate, Security Target, Guidance, Validation Report, Assurance Activity Report | Title: iOS 12 Safari Protection Profiles: PP for Application SW, EP for Web Browsers |
Operating system: iOS 12 Certification date: 2019-02-28 | Scheme ID: 10961 Documents: Certificate, Security Target, Guidance, Validation Report, Assurance Activity Report | Title: iOS 12 Contacts Protection Profiles: PP for Application SW |
Archived Common Criteria certifications for Apple apps
Operating system / Certification date | Scheme ID / Documents | Title / Protection Profiles |
|---|---|---|
Operating system: iOS 11 Certification date: 2018-11-09 | Scheme ID: 10916 Documents: Security Target, Guidance | Title: iOS 11 Safari Protection Profiles: PP for Application SW, EP for Web Browsers |
Operating system: iOS 11 Certification date: 2018-09-13 | Scheme ID: 10915 Documents: Security Target, Guidance | Title: iOS 11 Contacts Protection Profiles: PP for Application SW |
For questions about Apple Security and Privacy Certifications, contact security-certifications@apple.com.