certificate for iot products protected privacy... global competence center iot privacy tÜv...
TRANSCRIPT
www.tuv.com/en/iot-privacy
Certificate for IoT productsProtected Privacy
www.tuv.com/en/iot-privacy
Global Competence Center IoT Privacy
TÜV Rheinland i-sec GmbH Am Grauen Stein, 51105 Cologne Tel. +49 221 806-0 [email protected]
Certificate for IoT products Protected Privacy
® T
ÜV,
TU
EV
an
d T
UV
are
reg
iste
red
tra
dem
arks
. Uti
lisat
ion
an
d a
pp
licat
ion
req
uir
es p
rio
r ap
pro
val.
06.
2018
BASIS OF IOT PRIVACY CERTIF ICATES
With nearly all IoT products and services, data from the user‘s private sphere are transmitted to the provider. Therefore, current European data protection laws and regulations must be observed.
Based on this TÜV Rheinland has developed a test catalogue. In addition, requirements are taken into account that are not legal requirements, but which greatly serve the interests of consumers.
We can therefore provide professional evaluation of IoT products and services. The requirements can be tested both in Germany and internationally in our test laboratories. If the tests are passed, the IoT provider can obtain a certificate.
CERTIF ICATE FOR IOT PRODUCTS
We can offer you ”Protected Privacy“, our in-house developed test program relating to data protection and information security. Focal point of ”Protected Privacy“ Certification here focuses on the hardware and firmware of the device, and its communication with the outside world. If relevant, an app will also be examined during the product test and binding manu- facturer‘s specifications relating to data use will be required.
The figure on the right provides an overview of the tested requirements.
OVERVIEW OF CERTIF ICATE REQUIREMENTS
CERTIF ICATION IN A SYSTEM CONTEXT
Product testing does not include a detailed test of all product-related services for the user. The “Protected Privacy“ Service Certificate is available in this case. Providers who market a complete system comprising products and service show that the processing of personal data is followed by high standards of data protection and data security.
You can find more information on all services relating to the IoT and data protection online at: www.tuv.com/en/iot-privacy
· Privacy by default settings
· Updatable
· Operation possible
without the Internet
· Resettable to factory
default settings
Device
· Encrypted data transmission
· Secure pairing (e.g. Bluetooth)
· Configurable Internet access
Local communication
· Procedure for secure
device configuration
· Encrypted data transmission
· Management of the gateway
configuration
Online communication
· Privacy by default settings
· Secure registration, login
· Prevention of reverse
engineering
App
· Approval management
· Prohibition on coupling
· Data deletion
· Access to protected services
Use of data