Cookie consent(s)
We use cookies to personalize content and ads, provide social media features, and analyze traffic. This is done only with your explicit consent. By clicking "ACCEPT ALL," you agree to the processing and sharing of your data with our partners for social media, advertising, and analytics, including in third countries in accordance with Art. 49(1)(a) GDPR and Art. 17(1)(a) FADP (Switzerland). There is a risk that your data may be monitored by authorities without legal recourse. You can change or revoke your consents at any time in the data privacy settings .
Data protection declaration | Legal notices
Settings
EU Cybersecurity Certification Scheme on Common Criteria (EUCC)

Trusted EU-wide cybersecurity certification for ICT products

Contact us

EU Cybersecurity Certification Scheme on Common Criteria (EUCC)

What is EUCC Certification?

The EU Common Criteria Certification (EUCC) scheme, established under the products, services, and processes across the European Union. This scheme is based on Common Criteria (ISO/IEC 15408) and Common Evaluation Methodology (ISO/IEC 18045) and ensures robust security, fosters trust, and facilitates the free movement of certified products within the EU.
DEKRA is a Conformity Assessment Body (CAB) consisting in an accredited Certification Body (CB) and Information Technology Security Evaluation Facility (ITSEF) operating under the EUCC scheme at substantial assurance level.

Our Services

The EUCC CAB provides certification for ICT products under the EUCC scheme, covering a wide range of products such as software, network devices, smart cards, and hardware devices. Focused on a "Substantial level" (AVA_VAN.3) of security, DEKRA offers the following services:
ICT Product Certification
Assurance Continuity
Surveillance and Monitoring Activities
Conformity and Compliance
EUCC Vulnerability Management and Disclosure
In addition to initial certification, DEKRA offers full coverage of the certification lifecycle including certificate’s maintenance and monitoring services (each 2 years), which help to maintain the validity of the certificate throughout the product lifecycle. These services include re-assessment, maintenance, patch management, and certificate review.
EUCC Application Form
Ready for your certification?
Download the application form here!
All the certificates will be publicly available in DEKRA's Certificates Directory .
Whilst DEKRA has its own laboratory to perform the evaluation activity, this labor can be externalized to another laboratory through legally binding agreements. Subcontractors (ITSEFs), must be independent, ISO/IEC 17025 accredited, and adhere to EUCC requirement. The CB oversees subcontractor activities via a Technical Manager, who monitors qualifications, collects records of assessments, addresses non-conformities, and ensures compliance with operational procedures.
Why DEKRA is the Right Partner for EUCC
Related Services
Common Criteria ISO/IEC 15408
Common Criteria is a Certification Framework to evaluate and certify cybersecurity requirements in IT products.
Details
Cloud Application Security Assessment
Ensure your data security with CASA, preventing threats and increasing consumer trust.
Details
FIPS 140-3 Certification
At DEKRA, we guide our customers through the FIPS 140-3 certification process, performing validation testing and providing timely and professional support.
Details
ISO/IEC 19790
DEKRA's private certification scheme provides a framework for certifying cryptographic modules, offering transparency to users and stakeholders.
Details
eIDAS 2.0
We help trust service providers and organizations comply with eIDAS 2.0 Regulation through expert audit services that strengthen digital identity security.
Details
LINCE-Certification
Qualify your ICT products with LINCE certification for inclusion in the Spanish CPSTIC product catalogue and comply with national IT security requirements.
Details
Cybersecurity Testing & Certification
Cybersecurity Evaluations and Certifications for a Safe, Secure and Reliable Future.
Details