The Global Certification Forum (GCF) launched a consumer IoT security accreditation programme which is available to any consumer IoT product manufacturer, regardless of membership status within the GCF ecosystem. The new programme will ensure that products comply with requirements specified by the industry, specifically the recently released ETSI EN 303 645 standard for cyber-security, which is designed to prevent ongoing, large-scale attacks on consumer IoT products. Internet-connected products covered by this programme include, for example, smart door locks, TVs, wearables, connected home automation and appliances, as well as connected toys and baby monitors.
GCF said it has been working closely with its partners to ensure that the industry actively addresses all aspects of security in this market to keep pace with the evolution of the technology. The new initiative allows the manufacturers to self-accredit by filling out a security compliance declaration for any consumer IoT product, not just those supporting 3GPP technologies. The three main security provisions requiring compliance initially cover: no universal default passwords, implementing a means to manage reports of vulnerabilities and keeping software updated, with further provisions to be added as industry adoption proliferates.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the Telecompaper website, they in no way represent the opinion of Telecompaper.