Differences Between EN 18031 and EN 300 328 Standards

The en 18031 and EN 300 328 standards under CE certification differ in the following aspects:

1. Scope of Application

• EN 18031: Covers all internet-connected radio equipment, including smartphones, smartwatches, Bluetooth speakers, Wi-Fi routers, smart home devices, in-vehicle infotainment systems, and industrial IoT devices. However, medical devices, certain industrial equipment, and specific communication devices may be exempted.

• EN 300 328: Targets equipment operating in the 2.4GHz ISM band using wideband digital transmission. This mainly includes products such as WLAN, Bluetooth, and Zigbee.

2. Focus Area

• EN 18031: A mandatory EU standard focused on cybersecurity for radio equipment, forming a core part of the CE-RED (Radio Equipment Directive). It emphasizes network security, user privacy protection, and financial transaction security by enforcing technical specifications and safeguards to prevent cyberattacks, data bREACHes, and financial fraud.

• EN 300 328: Primarily addresses the technical performance specifications of devices operating in the 2.4GHz band. It ensures that radio equipment does not cause interference with other devices or pose health risks to humans, and sets minimum performance requirements for receivers to improve spectrum efficiency.

3. Specific Requirements

• EN 18031: Divided into three sub-standards:

 - EN 18031-1: Requires devices to have protection against cyberattacks, secure update mechanisms, and encrypted communication.

 - EN 18031-2: Requires protection of user privacy, such as restricting access to children's devices and providing data deletion features.

 - EN 18031-3: Applies to devices handling financial transactions, requiring anti-fraud mechanisms, transaction integrity verification, and secure boot functions.

• EN 300 328: Specifies technical performance requirements such as transmitter spurious emissions and receiver blocking performance. For example, it includes limits on spurious emissions in the 694MHz – 862MHz band, and updated definitions, testing methods, and limit requirements for receiver types in blocking tests.

4. Testing Purpose

• EN 18031: Testing is intended to ensure that devices meet the EU’s stringent cybersecurity requirements. It assesses network protection, privacy safeguards, and financial security features to protect user rights and data security, ensuring reliable operation in complex network environments.

• EN 300 328: Testing is aimed at verifying the technical performance of devices in the 2.4GHz band. It ensures devices do not interfere with other wireless equipment and that their receiver performance meets standards, supporting efficient spectrum use.

5. Implementation Timeline

• EN 18031: FULly effective from August 1, 2025.

• EN 300 328: Effective from April 30, 2020, with mandatory compliance starting October 31, 2021.