Cookie consent(s)
We use cookies to personalize content and ads, provide social media features, and analyze traffic. This is done only with your explicit consent. By clicking "ACCEPT ALL," you agree to the processing and sharing of your data with our partners for social media, advertising, and analytics, including in third countries in accordance with Art. 49(1)(a) GDPR and Art. 17(1)(a) FADP (Switzerland). There is a risk that your data may be monitored by authorities without legal recourse. You can change or revoke your consents at any time in the data privacy settings .
Data protection declaration | Legal notices
Settings
Radio Equipment Directive (RED)

Cybersecurity Services for Developing More Secure Products for the European Market

Cybersecurity Services for Radio Equipment Directive (RED)

The European Commission (EC) has announced the adoption of a Delegated Act to the Radio Equipment Directive (RED) (2022/30), which establishes different cybersecurity requirements that manufacturers, importers and distributors must meet to market their wireless devices and products in the European Union. This Delegated Act (referred to in Article 3(3) of RED) aims to ensure a higher level of cybersecurity in such devices, and to strengthen consumers' confidence in them. In this context, most wireless devices and products will have to meet Radio Equipment Directive (RED) Delegated Act for cybersecurity to be marketed in the European Union.
These new obligations focus on:
Improving network resilience

(Article 3 (3) (d))

Personal data protection

(Article 3 (3) (e))

Reducing monetary fraud

(Article 3 (3) (f))

The type of wireless products affected by these new cybersecurity requirements are products such as, mobile phones, tablets, toys, baby monitors, childcare equipment, smart watches, fitness trackers and other kinds of wearable devices, as well as any products capable of communicating over the internet by themselves or through others (indirect internet connection). Radio-connected automotive products are also partially subject to this regulation (Article 3(3)(d) only).
This Delegated Act was adopted by the European Commission (EC) in October 2021, entered into force in January 2022 and will be fully applicable from August, 2025. The EC has also promoted the creation of new standards based on the requirements of this new Delegated Act.

DEKRA Solutions for RED Delegated Act (RED-DA)

The standards for Red Delegated Act (RED) cybersecurity have been completed and published In August 2024. Harmonization of these standards is still pending, so getting a European Union Technical Examination Certificate (EU-TEC) from a Notified Body is currently mandatory to show compliance with RED Delegated Act.
Security Evaluation Based on CEN/CENELEC Standards:
At DEKRA, we evaluate the security level of your device according to technical requirements defined in the standards developed and published by CEN/CENELEC:
  • EN 18031-1 for requirement 3(3)(d).
  • EN 18031-2 for requirement 3(3)(e).
  • EN 18031-3 for requirement 3(3)(f).
Independent Cybersecurity Testing and Certification
EU Notified Body for Radio Equipment Compliance

Why DEKRA

DEKRA's comprehensive cybersecurity portfolio contributes to navigating the complexities of cybersecurity and safeguarding your digital future. As experts in testing and certification service, we support to developing cybersecurity standards and regulations by being members of standards organizations and industry alliances, including RED-DA standards developed by CEN/CENELEC JTC13/WG8 and the upcoming standards for Cyber Resilience Act (CRA) to be developed by JTC13/WG9. By leveraging our extensive expertise, we provide services to protect your digital assets and ensure regulatory compliance, which provides access to the market worldwide while building trust with your customers.
Contact us