EMC China Lab

CE RED Certification and EN 18031 Security Standard

Views :
Update time : 2024-11-22

In the digital era, wireless devices have become an integral part of our daily lives. From smartphones to smart home systems, these high-tech products greatly enhance our living experiences but also introduce new challenges for cybersecurity and privacy protection.

 

To address these emerging issues, the European Union (EU) established the Radio Equipment Directive (RED), aiming to ensure the safety of all wireless devices on the market. This initiative not only helps protect consumer interests but also promotes the healthy development of the entire industry.

 

Background of the RED Directive

With the widespread adoption of wireless technologies such as Wi-Fi, NFC, and Bluetooth, the risks of cyberattacks and financial fraud have increased. To mitigate these risks, the European Commission adopted an enabling act for the Radio Equipment Directive (2014/53/EU) in October 2021, ensuring the safety of wireless devices in the markets of the EU’s 27 member states. These changes were published in the EU Official Journal (EUOJ) on January 12, 2022.

 

In May 2024, the EU officially released the final draft of the en 18031 cybersecurity standards series, widely consulting member states for feedback. The standards will become mandatory starting August 1, 2025.

 

Under this regulation, all wireless devices sold in the EU market must meet requirements for cybersecurity, personal data privacy, and fraud prevention. Manufacturers must comply with these provisions and obtain CE-RED certification before the August 1, 2025, transition deadline. This implies that device manufacturers will need to implement enhanced measures for cybersecurity, personal data protection, and fraud risk reduction.

 

Cybersecurity Requirements of the RED Directive

The cybersecurity requirements in the RED Directive focus on three key areas:

 

1. Cybersecurity Protections: Wireless devices must not harm networks or their functionality, nor misuse network resources, leading to unacceptable service degradation.

2. Personal Data and Privacy Protection: Wireless devices must include safeguards to protect users' and subscribers' personal data and privacy.

3. Prevention of Financial Fraud: Wireless devices must support features to prevent financial fraud.

 

Affected Product Categories

These changes will impact all manufacturers declaring compliance under the Radio Equipment Directive. According to RED Article 3.3, the main product categories include:

 

- EN 18031-1: Common security requirements for wireless devices - Part 1: Internet-connected wireless devices.  

- EN 18031-2: Common security requirements for wireless devices - Part 2: Wireless devices that process data, including network-connected devices, children's devices, toys, and wearables.  

- EN 18031-3: Common security requirements for wireless devices - Part 3: Devices that process virtual currency or monetary value through internet connections.

 

Products Excluded from Scope:

- Medical devices classified under (EU) 2017/745 and (EU) 2017/746.

- Exemptions for parts of civil aviation, automotive, and road toll systems (3.3e and 3.3f requirements excluded).

 

Guidelines for Manufacturers

Manufacturers should begin preparations for the mandatory compliance deadline of August 2025. They must review existing products and evaluate new product designs to ensure compliance with the new cybersecurity requirements and secure the necessary certifications before the deadline. These efforts will minimize business risks and help maintain a competitive edge.

 

Failure to comply may result in severe consequences, including but not limited to product recalls, fines, market bans, and reputational damage.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
IEC EN 61326 Report for Electrical and Laboratory IEC EN 61326 Report for Electrical and Laboratory
01 .23.2025
China JJR Laboratory offers IEC EN 61326 testing for electrical and laboratory equipment, ensuring E...
CE Testing Fees for Charging Piles and Charging Gu CE Testing Fees for Charging Piles and Charging Gu
01 .23.2025
JJR Lab offers CE testing for charging piles and guns, ensuring compliance with LVD, EMC, RoHS, and ...
E-Mark Certification for Vehicle Electronic Applia E-Mark Certification for Vehicle Electronic Applia
01 .23.2025
JJR Lab provides professional E-Mark certification testing to ECE standards, ensuring fast, reliable...
Introduction to Common FCC Standards and Label Req Introduction to Common FCC Standards and Label Req
01 .23.2025
JJR Lab offers FCC certification testing per standards like PART 15 (intentional/unintentional emitt...
Introduction to FCC Part 15 Standards Introduction to FCC Part 15 Standards
01 .23.2025
FCC Part 15 sets EMC limits for RF devices to prevent interference. JJR Lab provides testing for rad...
Compliance Guide for Universal Charger CE Certific Compliance Guide for Universal Charger CE Certific
01 .23.2025
From December 28, 2024, EU mandates USB Type-C ports (EN IEC 62680-1-3:2022) for devices. JJR Lab of...
Amazon Canada: Candle and Candleholder Certificati Amazon Canada: Candle and Candleholder Certificati
01 .22.2025
Amazon Canada requires candles and candleholders to meet specific regulations and standards. JJR Lab...
Compliance for Baby Pacifiers & Clips on Amazo Compliance for Baby Pacifiers & Clips on Amazo
01 .22.2025
Ensure compliance for baby pacifiers & clips on Amazon Australia with AS 2432, EN 1400, or EN 12...

Leave Your Message