EMC China Lab

What are the UK PSTI Regulations?

Views :
Update time : 2025-11-04

In December 2022, the United Kingdom passed the "Product Security and Telecommunications Infrastructure Act 2022" (psti Act), which officially came into effect on April 29, 2024. This regulation affects most connected products, requiring relevant businesses to strictly comply with the PSTI Act. So, what does the UK's PSTI Act entail, and how should relevant businesses comply? Let's explore this in depth with you!

 

What are the UK PSTI Regulations?(图1)


What is PSTI?

PSTI stands for The Product Security and Telecommunications Infrastructure, an important regulation concerning product security and telecommunications infrastructure. The Act mandates the security of internet-connected consumer products, aiming to protect consumers from hacking and cyberattacks.

 

The Act requires relevant manufacturers, importers, or distributors to comply with its requirements and stipulates that products must meet minimum security standards before being marketed in the UK.

 

Products Covered by PSTI

The PSTI Act stipulates that consumer products that can connect to the internet or other networks must comply with product security requirements. Common products include:

 

- Smartphones

- Internet-connected cameras, TVs, and speakers

- Internet-connected toys and baby monitors

- Internet-connected security products (smoke detectors, door locks, alarms, etc.)

- IoT hubs and bases connecting multiple devices

- Wearable fitness trackers

- Home automation and alarm systems

- Outdoor recreational products such as handheld GPS devices

- Smart home assistants

- Smart home appliances (washing machines, refrigerators, etc.)

 

Excluded products include:

- Certain products supplied in Northern Ireland

- Electric vehicle charging stations

- Medical devices

- Smart meter products

- Desktop computers, laptops, and tablets without cellular connectivity (unless specifically designed for children under 14)

 

How to Comply with the Requirements?

1. Product Security Requirements

 

The PSTI Act requires that manufacturers, importers, and distributors of connected products meet security requirements, which include the following three main aspects:

 

- Prohibition of default passwords

- Implementation of a method to manage vulnerability reports

- Transparency about the period during which the product will receive important security updates

 

Sellers can assess or demonstrate product compliance with the PSTI Act by referring to the cybersecurity standard for consumer IoT, ETSI EN 303 645.

 

2. Statement of Conformity Requirements

 

Connected products covered by the PSTI Act must also be accompanied by a Statement of Conformity (SOC), which must include the following information:

 

- Product information (type, batch number, etc.)

- Name and address of each manufacturer or their authorized representative

- SOC prepared by the manufacturer or their authorized representative

- Statement that the product meets the relevant security requirements of Schedule 1 of the PSTI Act or the conditions for meeting security requirements in Schedule 2 of the PSTI Act

- Product support duration specified by the manufacturer when the product is first supplied

- Signatory information (including the name, position, place, and date of signing)

 

In summary, the main documents sellers need to prepare are the ETSI en 303 645 test report and the Statement of Conformity.

 

Additionally, connected products covered by the PSTI Act may also involve CE and WEEE certifications. Sellers importing such products into the UK should prepare the relevant documents and files in advance to avoid any sales disruptions due to insufficient preparation.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
What Are the Types of PTCRB Certification? What Are the Types of PTCRB Certification?
07 .14.2026
PTCRB certification types—Initial, Integrated, Variant, and ECO—ensure 3G/4G/5G device compliance wi...
PTCRB Test Certification Category Classification PTCRB Test Certification Category Classification
07 .14.2026
JJR LAB provides PTCRB testing based on NAPRD and PPMD test standards, efficiently guiding your prod...
What is US Operator PTCRB Certification? What is US Operator PTCRB Certification?
07 .14.2026
PTCRB is the required operator certification for North American mobile devices. Tests follow the 3GP...
Introduction to PTCRB Certification Introduction to PTCRB Certification
07 .14.2026
PTCRB is a quasi-mandatory mobile certification in North America. Tests cover RF, Protocol, SIM, OTA...
What is PTCRB Certification What is PTCRB Certification
07 .14.2026
PTCRB is a mandatory cellular cert for North American networks, testing RF, Protocol, and OTA per 3G...
What is UL 499 Certification What is UL 499 Certification
07 .13.2026
UL 499 ensures electric heating safety via rigorous testing. JJR LAB provides expert UL 499 certific...
Amazon UL499 Standard Test Report Amazon UL499 Standard Test Report
07 .13.2026
Need an Amazon UL499 Standard Test Report? JJR LAB provides expert UL499 testing for heating applian...
Heating Lamp ETL Certification UL 499 Testing Heating Lamp ETL Certification UL 499 Testing
07 .13.2026
JJR LAB offers professional Heating Lamp ETL Certification. We evaluate your commercial and industri...

Leave Your Message