The core purpose of the EU Radio Equipment Directive (CE-RED) certification is to ensure radio equipment placed on the EU market meets unified safety, health, and environmental protection standards, particularly the increasingly important cybersecurity requirements with the proliferation of IoT devices. Below, I outline the core certification information as of 2025, including the latest mandatory cybersecurity standards.
First, you need to understand the scope and legal basis to determine if your product requires certification.
1.Geographical Scope: Certification is mandatory for the 30 countries of the European Economic Area (EEA), including the 27 EU countries plus Iceland, Norway, and Liechtenstein.
2.Product Scope: All devices with wireless communication functions require CE-RED certification. Examples include:
·Consumer Electronics (mobile phones, Bluetooth headsets, smartwatches)
·IoT Devices (smart cameras, wireless sensors)
·Industrial Equipment (drone remote controllers, wireless payment terminals)
·Computers & Peripherals (routers, laptops)
3.Legal Basis: Certification is based on the EU's Radio Equipment Directive (RED, 2014/53/EU)**. This directive is the mandatory "market access rule" for radio equipment entering the EU market.
2025 Core New Regulation: Mandatory Cybersecurity Upgrade
The most significant change in 2025 for CE-RED certification is the mandatory enforcement of cybersecurity requirements. Starting August 1, 2025, all applicable wireless devices must comply with the **EN 18031 series of cybersecurity standards, otherwise they will be prohibited from sale in the EU market. This new regulation is implemented through RED Directive Articles 3.3(d), (e), (f). Its specific requirements are as follows:
Standard Sub-item Core Requirements Corresponding Legal Clause
EN 18031-1 (General Devices) DDoS attack prevention, secure update mechanism, disable default passwords Article 3.3(d): Equipment must not harm networks or misuse network resources
EN 18031-2 (Children's/Wearable Devices) Mandatory AES-256 encryption, location data protection, parental access control Article 3.3(e): Protection of personal data and privacy
EN 18031-3 (Payment Terminals) Transaction data verification, physical tamper-resistant design, multi-factor authentication Article 3.3(f): Capabilities to prevent fraud
To meet the new standards, certification processes now include additional test items like Penetration Testing (simulating hacker intrusion) and Firmware Security Audits (vulnerability code scanning).
CE-RED Certification Process and Key Steps:
The complete CE-RED certification process involves multiple stages. The chart below provides a clear overview:
[Visual flowchart would be inserted here depicting: 1. Preparation -> 2. Lab Testing -> 3. Certification Application & Review -> 4. (If High Risk) Notified Body Secondary Review -> 5. Certificate Issuance & CE Marking -> 6. Post-Market Surveillance]
Let's break down each stage:
1.Preparation Stage:
·Determine product applicability and identify relevant standards based on frequency bands, power, etc.
·Prepare technical documentation, including user manual in required languages, circuit diagrams, risk assessment report, component list, etc.
2.Laboratory Testing Stage:
Test items typically include:
·RF Performance: e.g., 2.4GHz devices must comply with EN 300 328.
·Electromagnetic Compatibility (EMC): Conducted per standards like EN 55032 for radiated emissions.
·Electrical Safety (LVD): Testing per EN 62368-1.
·Health Protection (SAR): For devices used close to the body (e.g., phones), Specific Absorption Rate assessment is needed.
·Cybersecurity Special Items: Testing per the EN 18031 series standards.
3.Certification Application & Review:
·After successful testing, the lab submits the report for review.
·For standard products, review by the lab may suffice for certification issuance.
·For high-risk or complex devices** (e.g., devices without passwords, children's toys, payment terminals), mandatory secondary review by an EU Notified Body is required, leading to a certificate with an NB number.
4.Certification Obtainment & Market Surveillance:
·After certification, products must permanently bear the CE mark (height ≥5mm), and the manual must declare compliance with EN 18031.
·Manufacturers must keep technical documentation for at least 10 years for EU market surveillance authority checks.
CE-RED Certification Timeline and Cost Estimation:
Understanding the timeline and cost aids project planning.
·Certification Cycle: The standard process typically takes **4-8 weeks**. Failed tests requiring rectification can extend the cycle by 2-3 months for complex issues.
·Cost Composition: Certification costs mainly consist of:
Testing Fees: Approximately $15,000–$25,000 (costs may be lower using Chinese labs).
Certification Issuance Fees: Approximately $5,000–$8,000.
Other potential costs: Notified Body fees (if applicable), EU Authorized Representative fees, etc.
CE-RED Certification Strategies and Key Reminders:
To help you complete certification smoothly, pay special attention to:
1.Optimize Certification Strategy:
·Prioritize Using Certified Modules: Using core communication modules (e.g., Wi-Fi, Bluetooth) already certified for RED (including EN 18031) during product design can significantly simplify the final product certification process.
·Conduct Preliminary Gap Analysis: About 80% of products need design modifications during formal testing. Conducting preliminary testing 6-12 months in advance is recommended to identify and fix issues early.
·Leverage "Family Models": If subsequent products only change casing/color with no major hardware/firmware changes, use "Family Models" to extend certification without full retesting.
2.Avoid Potential Risks:
·Never Sell Without Certification: Products without certification or non-compliant with new rules (especially EN 18031) face sales bans, customs detention/destruction**, and potential fines up to 4% of annual global turnover.
·Monitor Certificate Maintenance: While CE-RED certificates have no fixed validity period, they require re-testing or additional testing if product hardware changes or EU standards update (approx. every 5 years).
We hope this detailed overview helps you fully understand the latest developments in EU CE-RED certification. If you can share more specific product types (e.g., Bluetooth headset, smartwatch, or industrial router), BLUEASIA Tech: 13632500972 will provide professional certification consulting services!
Related News
