EMC China Lab

CE RED Certification and EN 18031 Security Standard

Views :
Update time : 2024-11-22

In the digital era, wireless devices have become an integral part of our daily lives. From smartphones to smart home systems, these high-tech products greatly enhance our living experiences but also introduce new challenges for cybersecurity and privacy protection.

 

To address these emerging issues, the European Union (EU) established the Radio Equipment Directive (RED), aiming to ensure the safety of all wireless devices on the market. This initiative not only helps protect consumer interests but also promotes the healthy development of the entire industry.

 

Background of the RED Directive

With the widespread adoption of wireless technologies such as Wi-Fi, NFC, and Bluetooth, the risks of cyberattacks and financial fraud have increased. To mitigate these risks, the European Commission adopted an enabling act for the Radio Equipment Directive (2014/53/EU) in October 2021, ensuring the safety of wireless devices in the markets of the EU’s 27 member states. These changes were published in the EU Official Journal (EUOJ) on January 12, 2022.

 

In May 2024, the EU officially released the final draft of the en 18031 cybersecurity standards series, widely consulting member states for feedback. The standards will become mandatory starting August 1, 2025.

 

Under this regulation, all wireless devices sold in the EU market must meet requirements for cybersecurity, personal data privacy, and fraud prevention. Manufacturers must comply with these provisions and obtain CE-RED certification before the August 1, 2025, transition deadline. This implies that device manufacturers will need to implement enhanced measures for cybersecurity, personal data protection, and fraud risk reduction.

 

Cybersecurity Requirements of the RED Directive

The cybersecurity requirements in the RED Directive focus on three key areas:

 

1. Cybersecurity Protections: Wireless devices must not harm networks or their functionality, nor misuse network resources, leading to unacceptable service degradation.

2. Personal Data and Privacy Protection: Wireless devices must include safeguards to protect users' and subscribers' personal data and privacy.

3. Prevention of Financial Fraud: Wireless devices must support features to prevent financial fraud.

 

Affected Product Categories

These changes will impact all manufacturers declaring compliance under the Radio Equipment Directive. According to RED Article 3.3, the main product categories include:

 

- EN 18031-1: Common security requirements for wireless devices - Part 1: Internet-connected wireless devices.  

- EN 18031-2: Common security requirements for wireless devices - Part 2: Wireless devices that process data, including network-connected devices, children's devices, toys, and wearables.  

- EN 18031-3: Common security requirements for wireless devices - Part 3: Devices that process virtual currency or monetary value through internet connections.

 

Products Excluded from Scope:

- Medical devices classified under (EU) 2017/745 and (EU) 2017/746.

- Exemptions for parts of civil aviation, automotive, and road toll systems (3.3e and 3.3f requirements excluded).

 

Guidelines for Manufacturers

Manufacturers should begin preparations for the mandatory compliance deadline of August 2025. They must review existing products and evaluate new product designs to ensure compliance with the new cybersecurity requirements and secure the necessary certifications before the deadline. These efforts will minimize business risks and help maintain a competitive edge.

 

Failure to comply may result in severe consequences, including but not limited to product recalls, fines, market bans, and reputational damage.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
What is Canadian CSA certification? What is Canadian CSA certification?
12 .23.2024
CSA Certification ensures products meet safety standards in Canada and the U.S. It boosts market acc...
Testing and Certification of Walkie-Talkies Testing and Certification of Walkie-Talkies
12 .23.2024
JJR Laboratory offers walkie-talkie testing and certification, ensuring compliance with global stand...
Energy Storage Power Supply EMC Testing Energy Storage Power Supply EMC Testing
12 .23.2024
JJR Laboratory offers EMC testing for energy storage, including high-power, surge, EFT, and photovol...
20 MHz-80 MHz Low-Frequency Radiation Immunity Tes 20 MHz-80 MHz Low-Frequency Radiation Immunity Tes
12 .23.2024
20 MHz-80 MHz Low-Frequency Radiation Immunity Testing: JJR Laboratory offers certified testing, fas...
Amazon Wireless FCC RF Compliance Amazon Wireless FCC RF Compliance
12 .23.2024
Amazon requires FCC compliance proof for RF devices. China JJR Labs offers FCC Part 15 testing for ...
Which Bluetooth products support profiles? Which Bluetooth products support profiles?
12 .23.2024
Bluetooth products support various profiles like A2DP, AVRCP, HFP, and more. JJR Lab provides testin...
What is the ANSI C136.31-2023 Testing Standard? What is the ANSI C136.31-2023 Testing Standard?
12 .23.2024
The ANSI C136.31-2023 standard outlines vibration resistance tests for roadway and area lighting fix...
RED-DA Regulations and Standards EN 18031 RED-DA Regulations and Standards EN 18031
12 .23.2024
RED-DA regulations ensure IoT device cybersecurity, covering data protection, fraud prevention, and ...

Leave Your Message