The National Institute of Standards and Technology (NIST) developed the Federal Information Processing Standard (FIPS) Publication 140-2 as a security standard that sets forth requirements for cryptographic modules, including hardware, software, and/or firmware, for U.S. federal agencies. FIPS 140-2 Validated certification was established to aid in the protection of digitally stored unclassified, yet sensitive, information.
Google Maps Platform uses a FIPS 140-2 validated encryption module called BoringCrypto (certificate 3678) in our production environment. This means that both data in transit to the customer and between data centers, and data at rest are encrypted using FIPS 140-2 validated encryption. The module that achieved FIPS 140-2 validation is part of our BoringSSL library.
In order to operate using only FIPS-validated implementations:
-
Google automatically encrypts traffic between VMs that travels between Google data centers using FIPS 140-2 validated encryption.
-
When you connect to Google infrastructure, your TLS clients must be configured to require use of secure FIPS-compliant algorithms; if the TLS client and Google Cloud's TLS services agree on an encryption method that is incompatible with FIPS, a non-validated encryption implementation will be used.
-
Applications you build and operate on Google Maps Platform might include their own cryptographic implementations; in order for the data they process to be secured with a FIPS-validated cryptographic module, you must integrate such an implementation yourself.
All Google Maps Platform Data Centers currently support FIPS 140-2 validated encryption.
Back to all offerings