In FIPS 140-2, which level adds tamper-evident coatings?

In FIPS 140-2, security levels progressively add layers of protection, starting with basic logical security and adding physical protections at higher levels. The feature of tamper-evident coatings is a physical security measure introduced at the second level to show if the module has been opened or tampered with. Level 1 does not require these tamper-evident features, while higher levels incorporate more advanced protections for authentication, access controls, and handling of cryptographic keys, including tamper detection and zeroization actions. The description that Level 3 adds identity-based authentication, intrusion prevention, and critical access parameters goes beyond the specific tamper-evident feature identified for Level 2, and the notion that tampering erases all critical security information describes a response mechanism rather than the defining level feature. Therefore, tamper-evident coatings are associated with the second level.