Link to Content Area
::: Home | Sitemap | FAQs | Contact Us | Contact Points | 中文版

NATIONAL COMMUNICATIONS COMMISSION

Hot KeyWords: 4GType Approval 
Set up:
Font size:
Example:
NATIONAL COMMUNICATIONS COMMISSION
:::
::: Home > News > News

News

Issue Date:2019/02/09

Ensuring security by purchasing products with“IoT Security Certification Label.”

  When selecting which connected device to purchase, such as IP Cam, wireless router, or Wi-Fi AP, asides from function and price, consumers should also pay attention to whether the device has obtained the “IoT Security Certification Label” (as shown in the attached figure), which is being jointly promoted by NCC and Ministry of Economic Affairs (MoEA).

  The number of stars on the certification label indicates the security level of the IoT device; three stars means that the test results of the product passed an advanced level of security protection. The main purpose of such grading is to respond to various circumstances of use. For general users, products with one or two stars should be safe enough, but government agencies or those installing critical infrastructure should select products with at least two stars.

  NCC has expressed that in recent years, IoT services have increased significantly and have expanded into various areas such as smart cities, transportation, energy, and healthcare. Although these innovative services have brought us unprecedented levels of convenience, ongoing security incidents underscores the security risks. According to the Global Risk Report 2018 released by the WEF, since 2017, the likelihood and impact of cyberattacks have risen drastically. Faced with increasing cyber threats and under the guidance of the Executive Yuan's Department of Cyber Security, NCC has cooperated with the MoEA to promote the security inspections mechanism of IoT devices and protect consumer rights.

  The NCC stated that there is no consistent international practice for security testing of IoT devices. Thus, our security testing mechanism is not mandatory; rather, it is undertaken voluntarily by the manufactures. Certified equipment will be issued with a certification label and be announced on information security promotion website of NCC (https://ise.ncc.gov.tw/) so as to provide consumers with reference when choosing products, and also encourage device designers, manufacturers, and service providers to pay more attention to the security protection of their connected equipment.

  The NCC further stated that the essence of information security is risk control and the concept of relative security. Although IoT devices with certification label signify a certain level of security protection, due to the continuous emergence of security incidents and changes in the manner of attacks, security vulnerabilities may still be discovered afterwards.

  Therefore, it is suggested that the public should also cultivate good user habits (such as regularly updating password and firmware, etc.) to ensure their own rights and interests can be protected.

IoT Security Certification Label
NATIONAL COMMUNICATIONS COMMISSION
  • accessible website level AA
  • e government

RenAi Rd. Office : No.50, Sec. 1, RenAi Rd., Taipei City 10052, Taiwan (R.O.C.)RenAi Rd. Office

Toll Free : +886-800-177177, Fax : +886-2-23433994

JiNan Rd. Office : No.16, Sec. 2, JiNan Rd., Taipei City 10054, Taiwan (R.O.C.)JiNan Rd. Office

Toll Free :

Telecom Complaints only : +886-800-177177 Press 1 and then 1 again

Cable TV Complaints only : +886-800-177177 Press 2

Content Complaints only : +886-800-177177 Press 3

2018 © All rights reserved by The NCC Information Security and Privacy Statement

Best viewed with IE 10.0 or higher with 1024 x 768