Cybersecurity services for RED

Cybersecurity services for Radio Equipment Directive (RED)

Most wireless devices and products will have to meet Radio Equipment Directive (RED) Delegated Act for cybersecurity to be marketed in the European Union.

The European Commission (EC) has announced the adoption of a Delegated Act to the Radio Equipment Directive (RED), which establishes different cybersecurity requirements that manufacturers, importers and distributors must meet to market their wireless devices and products in the European Union. This Delegated Act (referred to in Article 3(3) of RED) aims to ensure a higher level of cybersecurity in such devices, and to strengthen consumers' confidence in them.
These new obligations focus on:
  • Improving network resilience (Article 3(3)(d)).
  • Increasing users' personal data and privacy protection (Article 3(3)(e)).
  • Reducing monetary fraud (Article 3(3)(f)).
The type of wireless products affected by these new cybersecurity requirements are products such as, mobile phones, tablets, toys, baby monitors, childcare equipment, smart watches, fitness trackers and other kinds of wearable devices, as well as products capable of communicating themselves or by using others over the internet.
This Delegated Act was adopted by the European Commission (EC) in October 2021 and will enter into force in August, 2025. The EC also plans to create new harmonized standards based on the requirements of this new Delegated Act.

How can we support you

The harmonized standards for RED cybersecurity are yet in development. In the meantime, manufacturers are recommended to start already preparing their products to meet the obligations established in the Delegated Act of RED and to be ready when it becomes mandatory.

At DEKRA, we evaluate the security level of your device according to technical requirements defined in existing cybersecurity standards that are likely to be the basis for the future harmonized standards for the RED Delegated Act, such as ETSI EN 303 645 and IEC 62443-X series.
We are an independent third-party laboratory accredited to test and certify the cybersecurity of products according to ETSI EN 303 645 and IEC 62443-X.
If your product meets these cybersecurity requirements, we can certify its compliance and issue a DEKRA Type Approval Seal to prove its security level to end customers.
In addition, DEKRA is an EU Notified Body for the Radio Equipment Directive and is recognized for radio and telecommunications testing under the IECEE's CB scheme. Therefore, we can support you in complying with the requirements of the Radio Equipment Directive in conjunction with other regulations and standards applicable to radio equipment and devices.