In December 2022, the UK government formally passed the "Product Security and Telecommunications Infrastructure Act 2022" (PSTI) and it will be enforced from April 29, 2024. The new regulation marks a new era for cybersecurity in the UK, as it mandates the creation of new minimum security requirements that manufacturers, importers, and distributors of consumer connectable products (also called Internet of Things or IoT devices) must comply with.
The bill received Royal Assent on 6 December 2022. It entered into force in April 2023 with a 12-month transition period, and became mandatory from 29th April 2024, and manufacturers are obliged to comply with the security requirements described therein or face potential penalties.
The bill consist of three main parts:
Part 1 of the PSTI Regulation requires manufacturers, distributors, and importers to ensure that products placed on the UK market comply with minimum security requirements aimed at protecting the UK consumer.
It applies to England and Wales, Scotland, and Northern Ireland.
Products that can be connected to a network or internet are under the scope of this regulation. These are the Internet of Things devices, that include, but are not limited to:
It is also important to know that the following devices are excluded from the UK PSTI Regulations:
Not sure if your product requires PSTI certification? Please 填寫我們的簡短表格,我們的專家將很樂意為您提供進一步的協助。
According to the UK GOV’s publication on PSTI, such as the document “The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023,” as shown in Schedule 2, PSTI currently assesses products for compliance with three control requirements at this stage:
ETSI EN 303 645 establishes new global standards for the security of consumer devices connected to the Internet of Things (IoT), enabling products to withstand serious cybersecurity threats and comply with GDPR requirements, protecting personal data and consumer privacy.
The ETSI EN 303 645 standard for IoT product security and privacy includes the following 13 categories of requirements:
PSTI Act and ETSI EN 303 645 standard testing processes:
You will never pay for services that you don’t need! GTG Group provides a customized quote which are tailored to each client's needs and budget. Furthermore, we can expedite the certification process by leveraging modern technologies that ensure you receive the PSTI certification in a reasonably short time frame, faster than the average industry time.
However, the cost and the lead time of testing and certification varies depending on the product complexity and the testing requirements. GTG Group provides free consultation to assess your needs and provide advice on how to get started with compliance. 聯絡我們 today by 填寫我們的簡短表格!
Does the Statement of Compliance (SoC) have to be a piece of paper that comes in the box with the product? What does “attached” mean? Does the Statement of Compliance (SoC) have to be a piece of paper that comes in the box with the product? What does “attached” mean?
No. It is up to each organization to decide how to comply with the Act based on the requirements of their own products. The Act require that the SoC must be a document, but they do not specify that this document must be paper-based; it can also be in digital form. However, manufacturers must ensure that this document is provided with the product, in whatever form, to ensure that users can access it when they receive the product.
Should Bluetooth be considered as meeting the second connectivity condition?
Section 5 defines the connectivity condition as follows:
‘(5) A product meets the second connectivity condition if –
Accordingly, a Bluetooth product meets the second connectivity condition if it is capable of connecting to two or more products and is also capable of connecting directly to an Internet-connectable product.
If I only sell connected products for business/professional use, are they exempt from the Act?
If the manufacturer knew or should have known that the product would be used as a UK consumer connected product, then the product falls within the scope of the requirements. This means that whether or not the product is marketed to ‘professionals or merchants’, if the manufacturer knew or should have known that consumers would use the product, then the product needs to comply with the Act. For a manufacturer to be exempt from the Act, they must ensure that the product will not be used by consumers. They must ensure that the product will not be used by consumers, that there is no equivalent product on the market for consumers, and that the product has not been offered to consumers before.
Since retailers as part of the supply chain will be affected by the UK’s PSTI Act, do online consumer retail platforms like eBay, Amazon, Taobao, etc., need to comply with the UK PSIT Act in the following scenarios?
All relevant parties must comply with the Product Safety and Telecommunications Infrastructure Act of 2022.
GTG集團成立於2012年,是中國獨立的ISO/IEC 17025認可的產品測試和認證服務提供商,為多種產品提供全面的測試和監管認證獲取服務。我們的目標是認證您的產品並確保其符合監管標準,以幫助您進入全球市場。
By working with GTG Group, you will enjoy the convenience of completing all of your tests (cyber security, safety, EMC, RF, wireless, energy efficiency, environmental, durability, performance, chemical and other tests) and receive certification for your product from a single accredited lab. You will also eliminate the headaches of using multiple labs, delays in logistics, and shipping costs. 聯絡我們 今天!
與GTG集團合作最顯著的優勢之一是我們進行真實的測試並對最終用戶負責。這是至關重要的,因為它可以避免風險並讓使用這些產品的企業和個人感到安心。我們與一些世界領先的企業合作,我們的服務受到客戶的高度評價。當您選擇 GTG 集團進行測試和認證時,您可以確信自己正在與值得信賴且可靠的合作夥伴合作。
我們的測試和測試報告得到全球監管機構的認可和接受,確保您的產品符合必要的標準和法規。 GTG集團的子公司獲得了當地和國際認證機構的認可,包括IECEE、UL、A2LA、NVLAP、ITS (Intertek)、KTC、TÜV、Eurofins、CNAS、CMA、CQC。我們的認證證明了我們致力於提供符合行業標準的高品質測試服務。檢查所有認證文件 這一頁。
GTG Group accredited laboratory have more than 13 years of experience in IoT products testing for the global market and have helped thousands of businesses achieve PSTI certification. Experts we hired are all with deep industry expertise and extensive technical knowledge that can help you avoid common mistakes.
Furthermore, our facilities are with enough space to perform every type of test separately and have room for all your equipment as well as plenty of workspace around it. GTG Group covers a testing area of 30,000 square meters and have more cyber security testing labs, safety testing labs, EMC testing labs, RF testing labs, energy efficiency testing labs, performance testing labs, durability testing labs and environmental testing labs than our peers.
此外,我們標準化和標準化的測試流程使我們能夠在短時間內提供準確可靠的測試結果。這就是為什麼我們的周轉時間是業內最快的,確保我們的客戶將他們的產品立即推向市場。
GTG集團大力投資現代化檢測設備,並擁有嚴格的品質控制流程,確保檢測方法準確可靠。此外,實驗室定期升級其設備,以確保其始終處於技術前沿。
我們知道每種產品都是不同的,成本是產品開發的重要因素。 GTG 集團致力於在不影響品質的情況下提供價格實惠的測試解決方案。我們的專家團隊將與您密切合作,了解您產品的具體需求,設計符合您要求並確保符合監管標準的測試解決方案。這意味著您可以獲得所需的測試,而無需為不需要的服務付費,從而確保我們的客戶始終物有所值。
我們還可以提供免費的預合規測試服務,幫助在流程早期發現和解決潛在的設計缺陷,從而降低設計成本並加速市場推出。我們承諾沒有風險或任何義務!
對標準解釋、標準適用性或國家特定要求的產品測試和認證有疑問嗎?
不確定哪些標準適用於您的產品?我們來談談吧!我們的專家 7*24 待命。
13 年來,GTG 集團已幫助數千家組織進入全球市場並獲得國際認可!
© 2012-2024 GTG 組。版權所有。
