The basic requirements stipulated in Articles 3.3. d, 3.3. e, and 3.3. f of the 2014/53/EU regulation require network security, personal data privacy, and fraud protection for wireless devices applicable in the EU market, with the aim of ensuring a higher level of network security for such devices and enhancing consumer confidence in them. And from August 1, 2025, it will be mandatory to prohibit wireless devices that do not meet the requirements from entering the EU market.
Scope of products covered by instructions:
Article 3.3. d: Internet connected radio devices, such as mobile phones and tablets;
Article 3.3. Ability to process personal data, traffic data, and location data:
Internet connected radio equipment;
Radio equipment without Internet connection: child care, wearable, radio equipment covered by Directive 2009/48/EC (toys);
Article 3.3. f: Internet radio equipment with the function of transferring payment value; For example: POS machine.
In order to meet the requirements of the RED directive, the EU has officially released EN 18031 as a coordinated standard with restricted use EN 18031-1: Requirements of Directive 2014/53/EU 3.3. d; EN 18031-2: Requirements of Directive 2014/53/EU 3.3. e; EN 18031-3: Requirements of Directive 2014/53/EU 3.3. f; Limitation 1: Default password. The standard allows users to use the product without setting or using any password, and the related authentication risks cannot be properly resolved; Restriction 2: Children's toys and monitoring devices, role-based access control, autonomous access control, mandatory access control, or others. Some of these categories may be incompatible with the control of parents or guardians. In this case, if parental or guardian control is not implemented, it is considered that the relevant identity verification risks will not be resolved; Restriction 3: Financial functional devices are classified into four different implementation categories based on digital signatures, secure communication mechanisms, access control mechanisms, or other mechanisms. Using any single method alone is not sufficient for handling financial assets. The evaluation criteria did not address the relevant identity verification risks correctly. Compliance method:
Self evaluation statement: Product evaluation does not involve restrictions on coordinated standards, and Shiding Testing provides third-party testing services that comply with EN 18031 standards.
Third party qualification assessment: Product evaluation involves restrictions on coordinated standards and must use a third-party qualification assessment path. We provide third-party testing services that comply with EN 18031 standards.
