Consumer IoT

Implement Secure by Design/Default with our team of experts’ help

Click here to find our talks related to Consumer IoT Cybersecurity offered in the most relevant events
By sending your data you allow us to use it to resolve your doubts by sending you commercial information of interest. We will delete it when they are no longer necessary for this matter. Know your rights in our Privacy Policy.

Consumer Internet of Things (IoT)

The Consumer IoT refers to the billions of physical personal devices, such as smartphones, wearables, fashion items and the growing number of smart home appliances, that are now. connected to the internet, collecting and sharing data.

Security is a big concern for IoT Deployment. Everyone recognises there is a problem, but exactly how to solve it is not yet clear. The reality is that security is not implemented in many current IoT products and it’s necessary to start applying security frameworks to solve this problem.

Having products already evaluated means that the product has met some cybersecurity requirements to ensure a degree of security from cyber threats, also helps with consumer confidence in the security of commonly used everyday products connected to the internet like smart home assistants, smart cameras, TVs, speakers, toys…


ETSI EN 303 645 is one of the first consistent global standard for IoT cybersecurity. The standard presents an achievable, single target for manufacturers and IoT stakeholders to attain. The ETSI EN 303 645 also helps with consumer confidence in the security of everyday products that connect to the internet.

It is possible to assess the security of IoT devices verifying the level of compliance of the device to standards such as ETSI EN 303 645:

  • ETSI Cyber Security for Consumer Internet of Things: The ETSI Technical Committee on Cybersecurity (TC CYBER) has released EN 303 645, an European standard for cybersecurity in the Internet of Things, to establish a security baseline for internet-connected consumer products and provide a basis for future IoT certification schemes.

ETSI EN 303 645 includes a non-exhaustive list of examples of consumer IoT devices which comprises:

  • connected children's toys and baby monitors
  • connected smoke detectors, door locks and window sensors
  • IoT gateways, base stations and hubs to which multiple devices connect
  • smart cameras, TVs and speakers
  • wearable health trackers
  • connected home automation and alarm systems, especially their gateways and hubs
  • connected appliances, such as washing machines and fridges
  • smart home assistants

Do not hesitate to call us to get more information about our consumer IoT assessment services. Our expert team will evaluate your product or will help you to identify the security requirements applicable to your product against ETSI EN 303 645.


This standard is designed to test the cybersecurity level of Consumer Iot products. It has two clearly defined phases that include a series of documents that must be drafted in each of them:

Consulting: This is the first part of the project and the hardest one. In it, it is necessary to develop the SO Statement, which is a document that includes the identification of the DUT (Device Under Test), the creation of the Implementation Conformance Statement (ICS) and the Implementation Extra Information for Testing (IXIT). This phase could be done by the company itself wishing to carry out the assessment or by a consulting firm specialized in the standard.

Evaluation: This phase should be performed by an accredited lab that will carry out the assessment of the DUT under the ETSI TS 103 701 guideline, the assessment specification developed by ETSI that specifies conformance tests and methodology for assessing devices against EN 303 645.

What we offer


    We assess the compliance of your consumer component to the most recognized standard of the market ETSI EN 303 645. The evaluation service will verify if your implementation meets the requirements of the standard.

    A full report will be provided describing how each requirement is met by your device.

    This service will support you to ensure third parties that you meet the industry standards.

  2. 2. ETSI EN 303 645 CONSULTANCY

    We offer you the maximum support to help you to meet the standard.

    ETSI EN 303 645 Consulting service consist of generating all the required documentation and support you to develop your product saving your time, money and resources.

    Designing secure consumer IoT devices may be a significant challenge for an organization, jtsec supports you during the full process to meet your security objectives. This service may include gap analysis, document preparation or security design review.

They already trusted us. Let's talk!