The Global Certification Forum (GCF) has launched a consumer IoT security accreditation programme that is available to any consumer IoT product manufacturer, regardless of membership status within the GCF ecosystem.

The programme should ensure that products comply with requirements specified by the industry, specifically the recently released Etsi EN 303 645 standard for cyber security, which is designed to prevent on-going, large-scale attacks on consumer IoT products.

Internet-connected products that will benefit from this step in baseline security and privacy include smart door locks, TVs, wearables, connected home automation and appliances, connected toys, and baby monitors.

The GCF has been working closely with its partners to ensure the industry actively addresses all aspects of security in this market to keep pace with the evolution of the technology. Certification is an important step in the process of improving security, although standards and testing requirements are still in the early stages of adoption and enforcement.

“The GCF has always had good visibility of trends in certification for all industry verticals, but having a trusted, globally recognised programme for consumer IoT products is critical for consumers as interconnected devices become more pervasive in our lives,” said Asif Hamidullah, head of IoT and verticals at the GCF. “We have worked with key industry partners to help move security throughout the entire supply chain higher up the agenda, and this new initiative is just the start of a serious campaign to reduce the real on-going threat to consumer privacy and security.”

The initiative offers a streamlined process that provides the manufacturer with the ability to self-accredit by filling out a security compliance declaration for any consumer IoT product, not just those supporting 3GPP technologies. The three main security provisions requiring compliance initially cover no universal default passwords, implementing a means to manage reports of vulnerabilities and keeping software updated, with further provisions to be added as industry adoption proliferates.

“All governments have the same concerns when it comes to the safety and security of their citizens,” said David Rogers, CEO of Copper Horse and chair of the GSMA fraud and security group. “Organisations like the GCF are crucial parts of the puzzle when it comes to providing industry with solutions that will work for today’s connected consumer products, while also delivering a solid foundation for the future of IoT.”

Founded in 1999, the GCF is a non-profit, global, membership driven organisation that has been shaping the industry with mobile technology at the core. It has more than 300 members from major operators, MVNOs, device and IoT manufacturers, and the test industry.