The German Federal Office for Information Security (BSI) introduced a new IT security label that manufacturers of smart consumer products can register for. This label for IT products is intended to provide more orientation in the consumer market and transparency when it comes to IT product security, helping consumers make informed purchasing decisions.
These are further details:
- The new IT security label applies to the product category of Internet of Things (IoT) devices such as smart cameras, speakers, cleaning and gardening robots, toys or smart TV products.
- These smart products can pose a risk to the information security and privacy of users and are a popular target for cyber-attacks, including the risk to obtain and misuse personal data, among others.
- The security requirements of this product label include secure authentication mechanisms, proper update management, and securing communications.
- It has already been possible to apply for IT security labels for the first two product categories of ‘broadband routers’ and ‘e-mail services’ since December 2021. This will be extended to include further five categories, such as smart home automation.
Arne Schönbohm, BSI President, said: "The IT security label now also creates transparency in the areas of smart home multimedia and smart toys, providing guidance for informed purchasing decisions and promoting protection against cybercrime. The IT security label for smart toys also benefits the particularly vulnerable user group of children and young people. We are thus sending a clear signal to the consumer market that information security is an important argument in the decision to buy and use IT products. With ETSI EN 303 645, we have selected a European security standard as a basis, which we developed together with industry representatives and partners in European standardization work. We are thus making a valuable contribution to the European debate on cyber security in consumer devices and are convinced that the IT security mark represents an essential step towards greater security and transparency in these areas."