EMC China Lab

CE Certification Directive for Radio Equipment: RED Network Security

Views :
Update time : 2024-09-27

In January 2022, the Official Journal of the European Union published Regulation 2022/30/EU, requiring compliance with the Radio Equipment Directive (RED) Articles 3.3(d), (e), and (f). This regulation will be mandatory starting August 1, 2025, providing a transition period for manufacturers to comply with the relevant requirements and obtain CE-RED certification.

 

The regulation mandates that applicable radio equipment in the EU market ensure network security, personal data privacy, and fraud protection, aiming to enhance the network security of such devices and boost consumer confidence. Non-compliance may result in product recalls, fines, market bans, and reputational damage. With less than a year until the enforcement date, JJR Laboratory in China advises manufacturers to begin preparations to ensure compliance by the deadline.

 

What is RED Article 3.3 Certification?

According to the EU's Radio Equipment Directive (RED), particularly Article 3.3, basic requirements are set for network security to improve the cybersecurity of wireless products, personal data protection, privacy, and the security of financial transactions.

 

- Regulatory Requirements:

- RED Article 3.3(d): Must not compromise the network or its functions, nor misuse network resources to cause unacceptable service degradation.

- RED Article 3.3(e): Must include safeguards to ensure protection of users' and subscribers' personal data and privacy.

- RED Article 3.3(f): Must support certain features to prevent fraud.

 

- Device Coverage:

- Devices that can communicate over the Internet on their own and devices connected to the Internet.

- Must process personal data, communication traffic data, and location data via the Internet.

- Devices that can communicate over the Internet via connected devices and enable holders or users to transfer money, currency, or virtual currency.

 

- Exclusions:

- RED Articles 3.3(d), (e), and (f) do not apply to medical devices and in-vitro diagnostic medical devices.

- RED Articles 3.3(e) and (f) do not apply to type-approved vehicles and vehicle systems, civil aviation equipment, and cross-border electronic toll systems.

 

If applicable products do not meet requirements, manufacturers may face consequences including but not limited to:

- Product Recall: Products found non-compliant with cybersecurity requirements may need to be recalled from the market.

- Fines: Manufacturers may incur substantial fines depending on the severity and scope of the non-compliance.

- Market Ban: In severe cases, non-compliant products may be prohibited from sale in the EU market.

- Reputational Damage: Brand reputation may suffer due to violations of cybersecurity regulations, affecting consumer trust and sales.

 

How to Ensure Radio Equipment Meets RED Article 3.3 Requirements

To ensure radio equipment complies with RED Article 3.3, the following steps should be taken:

1. Understand the Requirements of Article 3.3: These include cybersecurity, personal data protection, user privacy protection, and fraud prevention measures. Specifically, Article 3.3(d) prohibits compromising network functionality and misusing resources; Article 3.3(e) requires measures to protect personal data and privacy; Article 3.3(f) mandates support for fraud prevention features.

 

2. Learn EN 18031 Series Standards: During planning and manufacturing, ensure that radio equipment integrates essential security features, such as preventing unauthorized access, implementing data protection, and securing firmware updates. Mastering the EN 18031 standards, although not currently a coordinated standard for RED, provides valuable reference for meeting RED's security requirements.

 

3. Monitor Regulatory Changes: The RED regulations may be updated, so regularly check for the latest regulatory requirements to ensure devices remain compliant with current standards.

 

4. Check Device Applicability under RED Article 3.3: This includes devices capable of Internet communication, whether directly or indirectly connected, such as wearable technology, portable devices, and those for transferring funds or virtual currency, as well as children’s toys or monitoring devices.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
China 10 meter Semi Anechoic Chamber China 10 meter Semi Anechoic Chamber
10 .14.2024
China JJR Lab offers advanced 10m semi-anechoic and 966 chambers for EMC testing, covering automotiv...
What is an EU Representative? What is an EU Representative?
10 .14.2024
An EU Representative (EAR) is required for non-EU manufacturers seeking CE certification, ensuring p...
Taiwan NCC Certification Introduction Taiwan NCC Certification Introduction
10 .14.2024
Taiwan NCC certification is required for telecom and low-power RF devices to ensure compliance with ...
CE Certification for Smart Wristbands CE Certification for Smart Wristbands
10 .14.2024
Smart wristbands need CE certification for EU entry. Key standards: EN 301 489 (EMC), EN 300 328 (RE...
What certifications are required to export electro What certifications are required to export electro
10 .14.2024
To export electronics to Japan, mandatory certifications include PSE, TELEC, JATE, and METI registra...
Amazon Radio Equipment New Regulations 2024.12.28 Amazon Radio Equipment New Regulations 2024.12.28
10 .14.2024
The 2024 RED update requires USB-C charging for devices like phones, tablets, and laptops, ensuring ...
What is Austrian EPR compliance certification? What is Austrian EPR compliance certification?
10 .14.2024
China JJR is an IEC 17025 accredited laboratory, providing Austrian EPR compliance certification, WE...
Radiation-Safe SAR Testing Laboratory Radiation-Safe SAR Testing Laboratory
10 .14.2024
Radiation-safe SAR labs simulate human tissue to test radiation absorption from 5G, Wi-Fi, and Bluet...

Leave Your Message