Global Certification Forum launches new accreditation initiative for Consumer IoT Security
Global Certification Forum (GCF) today announced it has launched a consumer IoT security accreditation programme which is available to any consumer IoT product manufacturer, regardless of membership status within the GCF ecosystem. The new programme will ensure that products comply with requirements specified by the industry, specifically the recently released ETSI EN 303 645 standard for cybersecurity, which is designed to prevent ongoing, large-scale attacks on consumer IoT products. Internet-connected products that will benefit from this major step in advancing baseline security and privacy include, for example, smart door locks, TVs, wearables, connected home automation and appliances, as well as connected toys and baby monitors.
GCF has been working closely with its partners to ensure that the industry actively addresses all aspects of security in this market to keep pace with the evolution of the technology. Certification is an extremely important step in the process of improving security, although standards and testing requirements are still in the early stages of adoption and enforcement. The new initiative offers a streamlined process that provides the manufacturer with the ability to self-accredit by filling out a security compliance declaration for any consumer IoT product, not just those supporting 3GPP technologies. The three main security provisions requiring compliance initially cover: no universal default passwords, implementing a means to manage reports of vulnerabilities and keeping software updated, with further provisions to be added as industry adoption proliferates.
“GCF has always had good visibility of trends in certification for all industry verticals, but having a trusted, globally recognised programme for consumer IoT products is critical for consumers as interconnected devices become more pervasive in our lives,” said Asif Hamidullah, Head of IoT and Verticals at GCF. “We have worked with key industry partners to help move security throughout the entire supply chain higher up the agenda, and this new initiative is just the start of a serious campaign to reduce the real ongoing threat to consumer privacy and security.”
“All Governments have the same concerns when it comes to the safety and security of their citizens,” said David Rogers, CEO of Copper Horse and Chair of the GSMA Fraud and Security Group. “Organisations like GCF are crucial parts of the puzzle when it comes to providing industry with solutions that will work for today’s connected consumer products, whilst also delivering a solid foundation for the future of IoT.”
GCF certification and compliance programmes are market-driven and there is more to be achieved in the consumer connected products market. Organisations that are interested in shaping the future of standards and regulation should get in touch at [email protected]
For more information on GCF global accreditation for consumer IoT security go to: https://iotsecurity.globalcertificationforum.org