Nowadays, smart devices can now be found in almost every household. These devices usually collect, store and transmit data from the user in one way or another. Too often, these devices are by default not or insufficiently protected against hacks, data leaks, etc. The European Telecommunications and Standardization Institute (ETSI) has therefore developed the standard ETSI EN 303 645. Based on this standard Kiwa tests and assesses whether IoT products are sufficiently secure for end users.
Essential security requirements
By developing the standard ETSI EN 303 645, ETSI participants (manufacturers, network service providers, governments, telecom regulators and end users) have established effective, essential security requirements and best practices regarding cyber security and privacy protection of consumer electronics which partake in data traffic. Check the leaflet for more information about the security aspects Kiwa checks.
Cyber security IoT consumer products
ETSI EN 303 645 contains cybersecurity requirements and procedures for IoT consumer products. This not only concerns smart devices themselves, but also sensors and operating parts of these devices. Connected devices can often also be operated with a smartphone app. The safety thereof is not covered by ETSI EN 303 645, but as an optional service Kiwa can assess its safety using the RARS scheme.
Manufacturers of IoT consumer electronics
Certification by Kiwa according to ETSI EN 303 645 is of added value to developers and manufacturers of consumer electronics that can be connected to the web. Examples include baby monitors, smart doorbells, cameras, TV’s and speakers, wearable health trackers and connected home appliances such as washing machines and refrigerators. Basically, any consumer electronic device utilizing data can be put to the test according to ETSI 303 645. Product development according to ETSI EN 303 645 contributes to better safety, updateability, transparency, structure, etc.
ETSI EN 303 645 Compliance
The certification process results in a test report. If the product meets the requirements of the standard, the manufacturer will receive a certificate of compliance. If the manufacturer applied for a RED certificate their compliance to the ETSI EN 303 645 will be mentioned on the RED Certificate. This allows the manufacturer to demonstrate that the product meets the basic requirements in the field of IoT and Cyber security which is becoming increasingly important. In this way, a manufacturer not only creates trust among the (potential) users of his product, but can also distinguish himself from other manufacturers.