Regarding the standards and items for EU CE-RED certification, a major change occurred in 2025, primarily the mandatory cybersecurity requirements that officially took effect on August 1, 2025. This means all wireless devices entering the EU market must now pass newly added cybersecurity item tests, in addition to meeting traditional RF, safety, and EMC requirements.
The table below compiles the core certification items and standards you need to focus on as of October 2025.
Certification Item Category Core Standard Example/Basis Key Test Content & Focus Points
RF Performance e.g., EN 300 328 (2.4GHz WiFi/Bluetooth) Ensure device operates within designated frequency bands and power limits, avoiding harmful interference to other devices.
Electromagnetic Compatibility (EMC) EN 301 489 series Evaluate device's immunity to interference and its own electromagnetic emission strength, ensuring stable operation in complex electromagnetic environments.
Electrical Safety (LVD) EN 62368-1 Focus on battery safety, insulation, etc., to prevent electric shock, overheating risks, protecting user safety.
Health Protection (SAR) EN 62479 / EN 62311 For devices used close to the body (e.g., phones, headsets), assess their electromagnetic radiation absorption rate.
Cybersecurity (2025 Mandatory Addition) EN 18031 series Detailed explanation below
Detailed Explanation of 2025 Core New Regulation: EN 18031 Cybersecurity Standards
The EN 18031 series are harmonized standards under the RED directive for cybersecurity, privacy, and fraud prevention. Their mandatory implementation is the current biggest compliance hotspot. They are divided into three parts, directly corresponding to RED directive legal articles:
EN 18031 Sub-standard Corresponding RED Directive Article Core Requirements & Applicable Equipment
EN 18031-1 Article 3.3(d): Equipment must not harm networks or their function nor misuse network resources. Primarily targets devices capable of connecting to the internet independently (e.g., phones, smart appliances). Requires capabilities like DDoS attack prevention, secure update mechanisms.
EN 18031-2 Article 3.3(e): Equipment must incorporate safeguards to ensure personal data and privacy of users are protected. Applies to devices processing personal data, e.g., wearables, child monitoring devices, toys. Requires mandatory encryption (e.g., AES-256), location data protection, parental control functions.
EN 18031-3 Article 3.3(f): Equipment must support certain fraud prevention functions. Targets devices allowing monetary transactions (e.g., payment terminals, cryptocurrency hardware wallets). Requires transaction data verification, physical tamper-resistant design, multi-factor authentication.
Important Limitations and Exemptions:
·Key Limitations: To use the "Self-declaration" path (avoiding Notified Body involvement), specific conditions must be met. For example, devices cannot allow users to have no password; children's devices must ensure parental access control.
·Exemption Scope: Equipment in specific domains like medical devices, civil aviation equipment, motor vehicles are exempt from Articles 3.3(e) and (f) requirements, but generally still need to comply with Article 3.3(d) (Network Harm).
Severe Consequences of Non-Compliance:
Starting August 1, 2025, non-compliant products will be banned from sale in the EU market. Violations can lead to product removal, recalls, and potential fines up to 4% of the company's global annual turnover. Importers and distributors failing to verify product compliance will also share liability.
We hope this overview of EU CE-RED certification standards and items helps you better cope with the new regulations. If you can share your specific type of wireless product (e.g., Bluetooth speaker, smartwatch, or industrial router), BLUEASIA Tech: 13632500972 will provide professional certification consulting services!
Related News
