Independent assessment and certification security measures IoT consumer electronics
An ever-increasing number of everyday electronic consumer products is connected to the internet. These ‘smart’ devices make our lives more pleasant and often easier, but they also entail security risks. The standard ETSI EN 303 645 contains guidelines for the protection of consumer electronics that are part of the Internet of Things (IoT). Kiwa and KPN have combined their expertise to help manufacturers and suppliers who wish to independently assess and certify their IoT consumer electronics. This ensures consumers that certified products meet standard safety requirements.
Why certify according to the ETSI EN 303 645?
Certification according to ETSI EN 303 645 is of added value to developers and manufacturers of consumer electronics that can be connected to the web. Consumers who buy and use these certified products want to be able to trust they meet standard safety requirements. The European Union is underlining consumers’ desire for trust through new legislation by banning ‘smart’ equipment that does not meet minimum cybersecurity requirements from the European market from 2024. Product development according to ETSI EN 303 645 also contributes to, among other things, more security, updateability, integrityand structure.
Mandatory security measures
The new EU legislation aims to ensure that consumers are better protected against cybercrime via consumer electronics connected to the internet. The new legislation is laid down in a so-called 'Delegated Act', an extension of the Radio Equipment Directive (RED) (2014/53/EU), the European legislation for radio and other broadcasting equipment. This Delegated Act stipulates that products intended for the European market must comply with Articles 3.3 d, e and f of the RED. The ETSI EN 303 645 is one of the standards that can be used to comply with these mandatory articles.
The benefits
Suppliers and manufacturers can now rely on the combined expertise of Kiwa and KPN Security for independent assessment and certification of IoT devices on aspects related to cybersecurity. The two parties signed a cooperation agreement for this. Discover what the cooperation means to you:
1. One-stop-shop for independent review
Suppliers and manufacturers are now able to have their products independently certified at a one-stop-shop, enabling them to bring new products to market quickly.
2. High-quality testing facilities
KPN Security checks in its high-quality test facilities whether IoT products comply with the ETSI EN 303 645 standard and are therefore sufficiently safe for users. This includes looking at the encryption used, the update mechanisms, the presence of universal default passwords and protection against attacks.
3. Independent test results
Both KPN Security's test facilities and quality system meet high quality requirements and are monitored by Kiwa as an independent testing institution. Quality, independence and impartiality are thus guaranteed. Kiwa can therefore accept the test results – in combination with the results of additional tests performed by Kiwa – for issuing a product certificate. With this product certificate, the producer is able to sell the product on the European market and beyond.
More information:
About ETSI EN 303 645
The standard ETSI EN 303 645 contains guidelines for the protection of consumer electronics that are part of the Internet of Things (IoT).