EMC China Lab

What are the UK PSTI Regulations?

Views :
Update time : 2025-11-04

In December 2022, the United Kingdom passed the "Product Security and Telecommunications Infrastructure Act 2022" (psti Act), which officially came into effect on April 29, 2024. This regulation affects most connected products, requiring relevant businesses to strictly comply with the PSTI Act. So, what does the UK's PSTI Act entail, and how should relevant businesses comply? Let's explore this in depth with you!

 

What are the UK PSTI Regulations?(图1)


What is PSTI?

PSTI stands for The Product Security and Telecommunications Infrastructure, an important regulation concerning product security and telecommunications infrastructure. The Act mandates the security of internet-connected consumer products, aiming to protect consumers from hacking and cyberattacks.

 

The Act requires relevant manufacturers, importers, or distributors to comply with its requirements and stipulates that products must meet minimum security standards before being marketed in the UK.

 

Products Covered by PSTI

The PSTI Act stipulates that consumer products that can connect to the internet or other networks must comply with product security requirements. Common products include:

 

- Smartphones

- Internet-connected cameras, TVs, and speakers

- Internet-connected toys and baby monitors

- Internet-connected security products (smoke detectors, door locks, alarms, etc.)

- IoT hubs and bases connecting multiple devices

- Wearable fitness trackers

- Home automation and alarm systems

- Outdoor recreational products such as handheld GPS devices

- Smart home assistants

- Smart home appliances (washing machines, refrigerators, etc.)

 

Excluded products include:

- Certain products supplied in Northern Ireland

- Electric vehicle charging stations

- Medical devices

- Smart meter products

- Desktop computers, laptops, and tablets without cellular connectivity (unless specifically designed for children under 14)

 

How to Comply with the Requirements?

1. Product Security Requirements

 

The PSTI Act requires that manufacturers, importers, and distributors of connected products meet security requirements, which include the following three main aspects:

 

- Prohibition of default passwords

- Implementation of a method to manage vulnerability reports

- Transparency about the period during which the product will receive important security updates

 

Sellers can assess or demonstrate product compliance with the PSTI Act by referring to the cybersecurity standard for consumer IoT, ETSI EN 303 645.

 

2. Statement of Conformity Requirements

 

Connected products covered by the PSTI Act must also be accompanied by a Statement of Conformity (SOC), which must include the following information:

 

- Product information (type, batch number, etc.)

- Name and address of each manufacturer or their authorized representative

- SOC prepared by the manufacturer or their authorized representative

- Statement that the product meets the relevant security requirements of Schedule 1 of the PSTI Act or the conditions for meeting security requirements in Schedule 2 of the PSTI Act

- Product support duration specified by the manufacturer when the product is first supplied

- Signatory information (including the name, position, place, and date of signing)

 

In summary, the main documents sellers need to prepare are the ETSI en 303 645 test report and the Statement of Conformity.

 

Additionally, connected products covered by the PSTI Act may also involve CE and WEEE certifications. Sellers importing such products into the UK should prepare the relevant documents and files in advance to avoid any sales disruptions due to insufficient preparation.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
Do I Need CPSC eFiling for Toys Do I Need CPSC eFiling for Toys
07 .07.2026
Starting 2026, CPSC requires eFiling for toy imports. Ensure compliance with CPSIA & ASTM F963. ...
What is the CPSC eFiling Requirement for Amazon Se What is the CPSC eFiling Requirement for Amazon Se
07 .07.2026
Amazon‘s CPSC eFiling deadline is July 8! Ensure your children‘s products meet ASTM & CPSIA stan...
What Products Require Direct Verification by Amazo What Products Require Direct Verification by Amazo
07 .07.2026
Ensure Amazon compliance with JJR LAB‘s TIC Direct Verification. We provide approved testing for UL,...
Amazon Toys TIC DV Validation Amazon Toys TIC DV Validation
07 .06.2026
Need Amazon Toys TIC DV Validation? JJR LAB offers direct reporting, ensuring laser, jewelry & s...
Austrian Amazon EPR Mandatory Compliance Austrian Amazon EPR Mandatory Compliance
07 .06.2026
Austrian Amazon EPR is mandatory for packaging, WEEE & batteries. Ensure products meet testing s...
The Differences Between CTA Network Access Certifi The Differences Between CTA Network Access Certifi
07 .06.2026
CTA regulates network access, while SRRC governs RF emissions in China. Complying with MIIT testing ...
Where to Get German LFGB Testing Done? Where to Get German LFGB Testing Done?
07 .05.2026
Need German LFGB testing? JJR LAB verifies food contact materials to strict LFGB Sec 30 & 31 sta...
966 Fully Anechoic Chamber 966 Fully Anechoic Chamber
07 .04.2026
At JJR LAB, our 966 Fully Anechoic Chamber provides expert EMC testing to EN55032 and IEC 61000 stan...

Leave Your Message