EU Cybersecurity Certification Scheme on Common Criteria

Trusted EU-wide cybersecurity certification for ICT products

HomepageBusiness CustomersAll ServicesDigital & Product SolutionsCybersecurity ServicesICT CybersecurityEUCC Certification Scheme

EUCC Certification Scheme

What is EUCC Certification Scheme?

The EU Common Criteria Certification (EUCC) scheme, established under the products, services, and processes across the European Union. This scheme is based on Common Criteria (ISO/IEC 15408) and Common Evaluation Methodology (ISO/IEC 18045) and ensures robust security, fosters trust, and facilitates the free movement of certified products within the EU.
DEKRA is a Conformity Assessment Body (CAB) consisting in an accredited Certification Body (CB) and Information Technology Security Evaluation Facility (ITSEF) operating under the EUCC scheme at substantial assurance level.

Our Services

The EUCC CAB provides certification for ICT products under the EUCC scheme, covering a wide range of products such as software, network devices, smart cards, and hardware devices. Focused on a "Substantial level" (AVA_VAN.3) of security, DEKRA offers the following services:
In addition to initial certification, DEKRA offers full coverage of the certification lifecycle including certificate’s maintenance and monitoring services (each 2 years), which help to maintain the validity of the certificate throughout the product lifecycle. These services include re-assessment, maintenance, patch management, and certificate review.
A Holistic & Trusted Approach to Digital Security
Gain actionable insights from this panel discussion on how to demonstrate the cybersecurity of ICT products across the EU.
All the certificates will be publicly available in DEKRA's Certificates Directory.
Whilst DEKRA has its own laboratory to perform the evaluation activity, this labor can be externalized to another laboratory through legally binding agreements. Subcontractors (ITSEFs), must be independent, ISO/IEC 17025 accredited, and adhere to EUCC requirement. The CB oversees subcontractor activities via a Technical Manager, who monitors qualifications, collects records of assessments, addresses non-conformities, and ensures compliance with operational procedures.
Why DEKRA is the Right Partner for EUCC Certification
Proven Expertise in Common Criteria (CC) Evaluations

With years of hands-on experience in CC evaluations, we bring deep technical know-how and a robust certification process you can trust.

Quality You Can Rely On

Every evaluation is thorough, consistent, and aligned with both regulatory requirements and market expectations.

Client-Focused Support

We adapt the certification process to your product, business model, and timeline. Our approach makes EUCC certification clearer and faster.

Related Services

Common Criteria ISO/IEC 15408

Common Criteria is a Certification Framework to evaluate and certify cybersecurity requirements in IT products.
Details

Cloud Application Security Assessment

Ensure your data security with CASA, preventing threats and increasing consumer trust.
Details

FIPS 140-3 Certification

At DEKRA, we guide our customers through the FIPS 140-3 certification process, performing validation testing and providing timely and professional support.
Details

ISO/IEC 19790

DEKRA's private certification scheme provides a framework for certifying cryptographic modules, offering transparency to users and stakeholders.
Details

eIDAS 2.0

We help trust service providers and organizations comply with eIDAS 2.0 Regulation through expert audit services that strengthen digital identity security.
Details

LINCE-Certification

Qualify your ICT products with LINCE certification for inclusion in the Spanish CPSTIC product catalogue and comply with national IT security requirements.
Details
Cybser

Cybersecurity Testing & Certification

Cybersecurity Evaluations and Certifications for a Safe, Secure and Reliable Future.
Details
Contact
Share page :