EN 18031 Certification for Connected Devices on Amazon Europe

Amazon officially issued an announcement on December 15: Effective immediately, all connected devices sold to the EU market must pass the en 18031 standard certification to prove compliance with the security requirements of the EU Cyber Security Delegated Act!

Introduction to en 18031 standard

The EN 18031 series aims to provide unified standards. It is divided into three parts: EN 18031‑1 / 2 / 3, corresponding to different cybersecurity requirements under the red directive, helping manufacturers demonstrate that their products meet these new cybersecurity requirements.

Device Security (EN 18031‑1)

Ensures that radio equipment does not have harmful effects on networks or their operation, and prevents the abuse of network resources that could severely impact services.

Applies to any radio equipment capable of communication via the internet.

Data Protection (EN 18031‑2)

Ensures that radio equipment is equipped with security measures to protect the personal data and privacy of users and subscribers.

Applies to devices processing personal data or traffic data, including internet-connected devices, child‑monitoring devices, toys covered by the Toy Directive, and devices worn on the human body or clothing.

Financial Protection (EN 18031‑3)

Ensures that radio equipment is equipped with security measures to protect the personal data and privacy of users and subscribers.

Applies to connected radio equipment that allows users to transfer currency or virtual currency.

Products Covered by EN 18031

The Cyber Security Delegated Act applies to all connected radio equipment.

Products within the scope include, but are not limited to:

• Connected radio equipment: e.g., smartphones, tablets, laptops, smart TVs, routers, Wi‑Fi access points, Bluetooth devices, and streaming media players.

• Devices processing personal data or location data (even if not connected to the internet): e.g., smart watches, fitness trackers, health rings, headphones, and baby monitors.

• Payment‑enabled devices: e.g., point‑of‑sale terminals and smart watches with payment applications.

Including second‑hand goods, repaired goods, refurBIShed goods, and spare parts.

Core Advantages of JJR

Internationally Compliant

Our laboratory is constructed and operated in strict accordance with international standards such as ISO/IEC 17025, ensuring full compliance with internationally authoritative requirements in management systems, technical capabilities, personnel qualifications, equipment calibration, and other aspects.

Leading Testing Technology

Our cybersecurity testing capabilities are fully aligned with international standards and regulations. We can implement the entire EU EN 18031 series standards, covering full‑link testing of core requirements from DDoS attack prevention and mandatory password settings to multi‑factor authentication.

Accurate Market Access Support

We are committed to helping enterprises precisely meet the mandatory cybersecurity requirements of the eu red directive based on EN 18031‑1/2/3:2024, effectively avoiding market access risks after the mandatory enforcement in August 2025.

Forward‑Looking Regulatory Insights

The laboratory continuously tracks the latest developments in global cybersecurity regulations and directives, providing customers with cutting‑edge, comprehensive, and professional testing insights and service support.