Qatar Common Criteria Scheme (QCCS)

The Common Criteria (CC) is an international set of guidelines and specifications defining a framework for IT security evaluation and certification. It provides assurance that IT products meet standard security requirements for government or specific market deployments through formal recognition that certify a product as it meets Information Assurance (IA) requirements.

Detailed information on what the Common Criteria is, and its guiding documentation, can be obtained from the Common Criteria website.

Qatar government has recognized the need for excellence in the certification services it provides through Qatar Common Criteria Scheme Certification Body under National Cyber Governance and Assurance Affairs within National Cyber Security Agency (NCSA).

Qatar Common Criteria Scheme QCCS has been recognized by CCRA (Common Criteria Recognition Arrangement) as a Certificate Consuming Member in 2015.

National Cyber Security Agency (NCSA) is the owner of the Qatar Common Criteria Scheme. The Scheme Director, also the Director of National Cyber Governance and Assurance Affairs has authority for the strategic management and oversight of the QCCS CB.

The scheme provides a model for recognition or licensing (government and commercial) Evaluation Bodies (EBs) to conduct security evaluations of ICT products, systems and protection profiles against internationally recognized standards; Common Criteria (ISO/IEC 15408) and Common Evaluation Methodology (ISO/IEC 18045).

QCCS CB delivers the following additional supporting services:

  • Engagement with CCRA member countries and participation in the development and maintenance of the CCRA, ISO/IEC 15408, ISO/IEC 18045 on behalf of the Qatar Government;
  • Provision of support to third party assessors for the purpose of assessing compliance of:
    • the Common Criteria Scheme with CCRA requirements (Voluntary periodic assessment),
    • accreditation of Evaluation Bodies (EBs) to against ISO/IEC 17025;
  • Provision of Training and Development for Certifiers, and interested customers;
  • Management of Scheme publications including the QCCS Certified Products Register that lists scheme certified products

QCCS Recognized Evaluation Bodies

An Evaluation Body (EB or EBs) is either a commercial or governmental evaluation facility licensed by QCCS, and accredited (ISO/IEC 17025) by an accreditation body under ILAC and MRA, to conduct evaluations under the QCCS. The EB Recognition Procedure will be applied when licensing an EB.

Below is the list of QCCS recognized labs: 

Evaluation Body

Address & Contact Details

Contact Person

TUV Informationstechnik GmbH (TÜViT)

Am TÜV 1, 45307 Essen, Germany

Phone: +49-201-8999-639

Fax : +49 201 8999-666

Email :

Marc Le Guin

BEAM Teknoloji A.Ş.

ODTÜ Teknokent Galyum Binası Zemin, Kat No: 1 06800 Çankaya Ankara/TÜRKİYE

Phone: +90 (312) 210-1224
Fax: +90 (312) 210-1294

Mehmet Çakır

National Testing and Vetting Laboratory (NTVL)


Note: Capabilities up to EAL2+

National Cyber Security Agency(NCSA),
National Testing and Vetting Laboratory(NTVL)
P.O. Box 24100,
Wadi Al Sail Street
Doha, Qatar 

Phone: +974 2362220

Jassim Al Muftah


TÜBİTAK BİLGEM Barış Mh. Dr. Zeki Acar Cd. No:1 Gebze 41470 KOCAELİ/TÜRKİYE

Phone: +90 262 675 2374

Fax: +90 262 648 1100

Yasir Emre BULUT

Below is the list of QCCS certified products: 

Evaluation Details

Product Details

Related Information

Evaluation Body
TÜV Informationstechnik GmbH

DERMALOG Identification Systems GmbH

Manuela Tiedemann
Mittelweg 120, 20148 Hamburg, Germany
Tel.: +49 40 413 227-0
Fax: +49 40 413 227-89



DERMALOG Fingerprint PAD Kit LF10

LF10, Part-No. 8004-0009-00 
DermalogBPLF10Plugin, DermalogFakeFingerDetectionLF10Plugin,

Product Description
The TOE is a fingerprint sensor (plus its related software and guidance documentation) which provides a countermeasure against the aforementioned attacks. It is capable of classifying whether a finger that is presented to the sensor of the TOE, is actually a real finger presented by a genuine user (in a so-called Bona Fide attempt) or whether an artefact is presented (a so-called artefact presentation or presentation attack).

The following security functions are implemented by the TOE:

  • Audit Data Generation
  • Full Residual Information Protection
  • Secure TSF Data
  • Specification of Management Functions
  • Biometric Spoof Detection


Fingerprint Spoof Detection Protection Profile based on Organizational Security Policies (FSDPP_OSP), Version 1.7, 27 November 2009

Certification Date
30 September 2021

Certificate ID

Security Target

Certification Report


Evaluation Body
BEAM Teknoloji A.Ş.

Huawei Technologies Co., Ltd.

Yong Wang
Huawei Industrial Base, Bantian, Longgang, Shenzhen 518129, China
Tel.: +86 18652028245


Huawei NetEngine 8000 M14 Routers' Software

V800R021C00, patch version V800R021C00SPC100

Product Description
The TOE is the software running on the NetEngine 8000 M14 router. The router consists of both hardware (non-TOE) and software. The software running on the router is denominated Versatile Routing Platform (VRP) developed by Huawei. VRP provides extensive security features, including different interfaces with according to access levels for administrators, enforcing authentications prior to establishment of administrative sessions, auditing of security-relevant management activities. The TOE software consists of TSF and non-TSF parts.

The following security functions are implemented by the TOE:

  • Security audit
  • Cryptographic support
  • Identification and authentication
  • Secure Management
  • Protection of the TSF
  • TOE access through user authentication
  • Trusted path and channels for device authentication
  • Trusted software updates

Evaluation Assurance Level 2 Augmented with ALC_FLR.2

CC Part 2 Extended, CC Part 3 Conformant, Package conformant to EAL 2 Augmented with ALC_FLR.2

Certification Date
24 April 2022

Certificate ID

Security Target

Certification Report