EN 303 645
EN 303 645 is an IoT (Internet of Things) cybersecurity standard published by the European Telecommunications Standards Institute (ETSI). Officially titled “Cyber Security for Consumer Internet of Things: Baseline Requirements”, it was released in June 2020. The standard provides guidance to enhance the security of IoT devices, helping manufacturers improve network security while protecting consumer privacy and data.
EN 303 645 establishes minimum security requirements for consumer IoT devices and outlines key security principles, such as: prohibiting universal default passwords, securing data storage and transmission, implementing secure updates, and strengthening user authentication mechanisms, among others.
Applicable Devices:
The standard applies to various consumer IoT devices, including:
1. Network and related systems
2. Smart home assistants
3. Connected children’s toys and baby monitors
4. Connected smoke detectors, door locks, and window sensors
5. IoT gateways, base stations, and hubs connecting multiple devices
6. Smart cameras, TVs, and speakers
7. Wearable health trackers
8. Smart home automation and alarm systems
9. Connected household appliances (e.g., washing machines, refrigerators)
Compliance and Benefits:
EN 303 645 compliance is becoming the foundation for mandatory security regulations. Countries like the UK, Singapore, Finland, and Germany have adopted its principles. Implementing this standard enhances device security and data protection, reduces risks, promotes market standardization, and boosts corporate reputation and competitiveness in the global market.
About TUV NORD Taiwan:
TUV NORD Taiwan is a globally leading testing, inspection, and certification organization specializing in cybersecurity and product compliance solutions. We provide comprehensive support for Taiwanese businesses, from risk assessment to certification, ensuring their products meet the highest global cybersecurity standards and successfully enter international markets.
