RED Consulting Services
Secure connected devices, ready for the EU market
RED 2025: A New Cybersecurity Mandate for Connected Devices
To strengthen the cybersecurity of wireless and internet-connected devices, the European Commission has introduced new mandatory requirements under the Radio Equipment Directive (RED) 2014/53/EU, coming into force on August 1, 2025. From that date, all such products placed on the EU market must comply with RED Article 3.3, which introduces specific obligations to protect communication networks, safeguard personal data, and prevent electronic fraud.
EN 18031: Your Compliance Blueprint for Article 3.3
The RED regulation introduces three key cybersecurity requirements:
- Network protection – Devices must not harm or interfere with communication networks.
- Personal data protection – Products must include safeguards to prevent unauthorized access to user information.
- Fraud prevention – Devices that handle payments must have strong security features to stop fraud.
The EN 18031 standard series provides the technical framework to meet these requirements. Manufacturers that fully apply EN 18031 may self-declare conformity; however, if any restricted clauses apply, certification by a Notified Body becomes mandatory unless strict conditions are met.
Scope and Affected Products
- Internet-connected radio equipment, including consumer electronics like smartphones, tablets, telecommunication devices, and Internet of Things (IoT) products.
- Radio equipment intended as toys or childcare products, such as wireless-enabled baby monitors.
- Wearable radio equipment, including devices like smartwatches and fitness trackers.
Our RED Consulting Services
RED Directive Compliance Assessment
Cybersecurity Risk Assessment for Radio Equipment
Product Security-by-Design Advisory
RED Cybersecurity Policy & Process Review
- Show more
How Yarix Supports You
Meeting the new RED requirements is not just about checking boxes. It requires a strategic and well-documented approach to security. Yarix provides complete support through every phase of compliance.
Product Scope Assessment We help you determine whether your product falls within RED’s cybersecurity requirements.
Gap Analysis Our team evaluates your current security posture against EN 18031 standards and identifies necessary changes.
Notified Body Engagement We assist with selecting and coordinating with Notified Bodies, especially if alternative standards or restricted clauses are involved.
Technical Documentation & Market Readiness Yarix supports the creation of compliant documentation and helps ensure all design, testing, and security elements are in place by the August 2025 deadline.
Training and Workshops We offer hands-on learning to internal teams on RED, EN 18031, and product-specific implementation strategies.
Product Design Review We review your product’s architecture, interfaces, and data flows against the finalized EN 18031 requirements to ensure that cybersecurity is embedded early in the design. This helps align your development with RED expectations and supports a security-by-design approach before market entry.