To be FIPS 140-2 certified or validated, the software (and hardware) must be independently validated by one of 13 NIST specified laboratories, this process can take weeks. The FIPS 140-2 validation process examines the cryptographic modules. Level 1 examines the algorithms used in the cryptographic component of the software. Levels 2-4 build on the software component by adding different layers of physical security. The YubiKey FIPS Series meets Level 3 requirements (AAL3) which means that the code is within a tamper-proof container so that keys used in the cryptography are destroyed if the device is physically compromised.