FIPS 140-3 represents the Security requirements for cryptographic modules and is a revision to FIPS 140-2, so all you security vendors who target the Government/Federal vertical (and who doesn’t claim to, just like financial services) take note. In the Overview section is some brief information on the additions in 140-3 The draft includes this quick summary of changes from the overview section, see the draft for additional information (here)
FIPS 140-3 adds an additional security level and incorporates extended and new security features that reflect recent advances in technology. In FIPS 140-3, each of the eleven requirement areas in redefined. Software requirements are given greater prominence in a new area dedicated to software security, and an area specifying requirements to protect against non-invasive attacks is provided.
The D-Kriptik Blog has a lenghty write-up (here) and clearly a lot more time than I do😉