EMC China Lab

What are the UK PSTI Regulations?

Views :
Update time : 2024-07-17

In December 2022, the United Kingdom passed the "Product Security and Telecommunications Infrastructure Act 2022" (PSTI Act), which officially came into effect on April 29, 2024. This regulation affects most connected products, requiring relevant businesses to strictly comply with the PSTI Act. So, what does the UK's PSTI Act entail, and how should relevant businesses comply? Let's explore this in depth with you!

 

What are the UK PSTI Regulations?(图1)


What is PSTI?

PSTI stands for The Product Security and Telecommunications Infrastructure, an important regulation concerning product security and telecommunications infrastructure. The Act mandates the security of internet-connected consumer products, aiming to protect consumers from hacking and cyberattacks.

 

The Act requires relevant manufacturers, importers, or distributors to comply with its requirements and stipulates that products must meet minimum security standards before being marketed in the UK.

 

Products Covered by PSTI

The PSTI Act stipulates that consumer products that can connect to the internet or other networks must comply with product security requirements. Common products include:

 

- Smartphones

- Internet-connected cameras, TVs, and speakers

- Internet-connected toys and baby monitors

- Internet-connected security products (smoke detectors, door locks, alarms, etc.)

- IoT hubs and bases connecting multiple devices

- Wearable fitness trackers

- Home automation and alarm systems

- Outdoor recreational products such as handheld GPS devices

- Smart home assistants

- Smart home appliances (washing machines, refrigerators, etc.)

 

Excluded products include:

- Certain products supplied in Northern Ireland

- Electric vehicle charging stations

- Medical devices

- Smart meter products

- Desktop computers, laptops, and tablets without cellular connectivity (unless specifically designed for children under 14)

 

How to Comply with the Requirements?

1. Product Security Requirements

 

The PSTI Act requires that manufacturers, importers, and distributors of connected products meet security requirements, which include the following three main aspects:

 

- Prohibition of default passwords

- Implementation of a method to manage vulnerability reports

- Transparency about the period during which the product will receive important security updates

 

Sellers can assess or demonstrate product compliance with the PSTI Act by referring to the cybersecurity standard for consumer IoT, ETSI EN 303 645.

 

2. Statement of Conformity Requirements

 

Connected products covered by the PSTI Act must also be accompanied by a Statement of Conformity (SOC), which must include the following information:

 

- Product information (type, batch number, etc.)

- Name and address of each manufacturer or their authorized representative

- SOC prepared by the manufacturer or their authorized representative

- Statement that the product meets the relevant security requirements of Schedule 1 of the PSTI Act or the conditions for meeting security requirements in Schedule 2 of the PSTI Act

- Product support duration specified by the manufacturer when the product is first supplied

- Signatory information (including the name, position, place, and date of signing)

 

In summary, the main documents sellers need to prepare are the ETSI EN 303 645 test report and the Statement of Conformity.

 

Additionally, connected products covered by the PSTI Act may also involve CE and WEEE certifications. Sellers importing such products into the UK should prepare the relevant documents and files in advance to avoid any sales disruptions due to insufficient preparation.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
Energy Storage Power Supply EMC Testing Energy Storage Power Supply EMC Testing
12 .23.2024
JJR Laboratory offers EMC testing for energy storage, including high-power, surge, EFT, and photovol...
20 MHz-80 MHz Low-Frequency Radiation Immunity Tes 20 MHz-80 MHz Low-Frequency Radiation Immunity Tes
12 .23.2024
20 MHz-80 MHz Low-Frequency Radiation Immunity Testing: JJR Laboratory offers certified testing, fas...
Amazon Wireless FCC RF Compliance Amazon Wireless FCC RF Compliance
12 .23.2024
Amazon requires FCC compliance proof for RF devices. China JJR Labs offers FCC Part 15 testing for ...
Which Bluetooth products support profiles? Which Bluetooth products support profiles?
12 .23.2024
Bluetooth products support various profiles like A2DP, AVRCP, HFP, and more. JJR Lab provides testin...
What is the ANSI C136.31-2023 Testing Standard? What is the ANSI C136.31-2023 Testing Standard?
12 .23.2024
The ANSI C136.31-2023 standard outlines vibration resistance tests for roadway and area lighting fix...
RED-DA Regulations and Standards EN 18031 RED-DA Regulations and Standards EN 18031
12 .23.2024
RED-DA regulations ensure IoT device cybersecurity, covering data protection, fraud prevention, and ...
PDU Safety Testing and Certification Laboratory PDU Safety Testing and Certification Laboratory
12 .23.2024
JJR Laboratory provides PDU testing and certification services, offering accredited solutions for po...
Automotive LiDAR AECQ Certification Automotive LiDAR AECQ Certification
12 .21.2024
Automotive LiDAR AECQ certification ensures reliability for autonomous driving by requiring componen...

Leave Your Message