EMC China Lab

What is EN 18031 Compliance Certification?

Views :
Update time : 2025-03-11

Recently, the European Commission announced in its official journal, Office Journal (OJ), that the en 18031 series of standards have been incorporated into the Radio Equipment Directive (Directive 2014/53/EU) as harmonized standards. This decision aims to further regulate cybersecurity requirements for radio equipment, enhancing compliance and security for devices entering the EU market.

 

As the cybersecurity requirements outlined in the EN 18031 series will become mandatory from August 1, 2025, this represents a significant shift for wireless equipment manufacturers.

 

What is EN 18031 Compliance Certification?(图1)


Background and Significance

The EN 18031 series of standards were developed jointly by the European Committee for Standardization (CEN) and the European Committee for Electrotechnical Standardization (CENELEC), primarily focusing on cybersecurity requirements for radio equipment. The inclusion of this series marks a crucial step in the EU's efforts to enhance cybersecurity for radio equipment, providing manufacturers with a clear technical framework while simplifying the process of entering the EU market.

 

Composition of the EN 18031 Series

The EN 18031 series consists of three parts, each addressing different types of radio equipment and their security requirements. In 2022, the European Commission also introduced cybersecurity requirements under Article 3(3) of the directive.

 

en 18031-1:2024

- Scope: Internet-connected radio equipment.

- Compliance Requirements: Must meet the basic requirements of Article 3(3)(d) of the Radio Equipment Directive, which introduces cybersecurity measures to "prevent network harm and service degradation."

 

EN 18031-2:2024

- Scope: Includes internet-connected devices, childcare equipment, toy devices, and wearable devices.

- Compliance Requirements: Must meet the basic requirements of Article 3(3)(e) of the Radio Equipment Directive, introducing cybersecurity measures to "protect personal data and user privacy."

 

EN 18031-3:2024

- Scope: Radio equipment handling virtual currency or monetary value.

- Compliance Requirements: Must meet the basic requirements of Article 3(3)(f) of the Radio Equipment Directive, introducing cybersecurity measures to "prevent fraud in wireless devices handling virtual currency."

 

Restrictions in the Harmonized en 18031 standards Listed in the OJ

EN 18031-1:2024

- If users are allowed to not set or use any passwords (Sections 6.2.5.1 and 6.2.5.2), the device does not meet the requirements of Article 3(3)(d) of the directive.

- The "rationale" and "guidance" sections of the standard do not provide a presumption of conformity with the basic requirements of Article 3(3)(d).

 

EN 18031-2:2024

- If users are allowed to not set or use any passwords (Sections 6.2.5.1 and 6.2.5.2), the device does not meet the requirements of Article 3(3)(e).

- For specific devices like children's equipment, if parental or guardian access control is not ensured (e.g., Section 6.1.3.4.2), the device does not comply with Article 3(3)(e).

- The "rationale" and "guidance" sections do not provide a presumption of conformity with Article 3(3)(e).

 

EN 18031-3:2024

- If users are allowed to not set or use any passwords (Sections 6.2.5.1 and 6.2.5.2), the device does not meet the requirements of Article 3(3)(f).

- Section 6.3.2.4 outlines assessment criteria for security updates, listing four different implementation categories, including digital signatures, secure communication mechanisms, and access control mechanisms. However, no single approach is sufficient for financial asset security assessment.

- Manufacturers of products covered by EN 18031-3:2024 cannot ensure compliance with Article 3(3)(f) solely based on the product’s design. Therefore, third-party conformity assessment is mandatory.

- The "rationale" and "guidance" sections do not provide a presumption of conformity with Article 3(3)(f).

 

These restrictions indicate that while the EN 18031 series provides a cybersecurity framework for radio equipment, some devices may still fail to fully meet the essential requirements of the Radio Equipment Directive in the following areas:

- User password setup and usage.

- Parental or guardian access control for children's devices.

- Security evaluation of devices handling virtual currency.

 

For radio equipment that is partially compliant, non-compliant, or lacks harmonized standards, the conformity assessment process must involve a Notified Body (NB) for evaluation.

 

Impact on Manufacturers

The implementation of the EN 18031 series will drive manufacturers to strengthen the cybersecurity of their devices while providing greater security assurance for users. These standards will also help regulate the EU radio equipment market and boost consumer confidence in wireless devices.

 

Since the RED cybersecurity requirements will be enforced from August 1, 2025, all products entering the EU market after this date must comply. Manufacturers must act quickly to ensure compliance with the new cybersecurity requirements.

 

Key Actions for Manufacturers:

1. Determine whether products fall under the restricted clauses.

2. Document additional security measures.

3. Select the appropriate certification pathway.

 

Cybersecurity Testing and Certification Services by JJR Laboratory

JJR Laboratory provides comprehensive testing and evaluation services to help manufacturers meet cybersecurity compliance requirements.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
RCM Approval for Electrical Products in Australia RCM Approval for Electrical Products in Australia
07 .08.2026
Ensure Australia RCM compliance for electrical products with JJR LAB. We provide fast testing to AS/...
Do I Need CPSC eFiling for Toys Do I Need CPSC eFiling for Toys
07 .07.2026
Starting 2026, CPSC requires eFiling for toy imports. Ensure compliance with CPSIA & ASTM F963. ...
What is the CPSC eFiling Requirement for Amazon Se What is the CPSC eFiling Requirement for Amazon Se
07 .07.2026
Amazon‘s CPSC eFiling deadline is July 8! Ensure your children‘s products meet ASTM & CPSIA stan...
What Products Require Direct Verification by Amazo What Products Require Direct Verification by Amazo
07 .07.2026
Ensure Amazon compliance with JJR LAB‘s TIC Direct Verification. We provide approved testing for UL,...
Amazon Toys TIC DV Validation Amazon Toys TIC DV Validation
07 .06.2026
Need Amazon Toys TIC DV Validation? JJR LAB offers direct reporting, ensuring laser, jewelry & s...
Austrian Amazon EPR Mandatory Compliance Austrian Amazon EPR Mandatory Compliance
07 .06.2026
Austrian Amazon EPR is mandatory for packaging, WEEE & batteries. Ensure products meet testing s...
The Differences Between CTA Network Access Certifi The Differences Between CTA Network Access Certifi
07 .06.2026
CTA regulates network access, while SRRC governs RF emissions in China. Complying with MIIT testing ...
Where to Get German LFGB Testing Done? Where to Get German LFGB Testing Done?
07 .05.2026
Need German LFGB testing? JJR LAB verifies food contact materials to strict LFGB Sec 30 & 31 sta...

Leave Your Message