www.tuv.com/en/iot-privacy

Certificate for IoT productsProtected Privacy

www.tuv.com/en/iot-privacy

Global Competence Center IoT Privacy

TÜV Rheinland i-sec GmbH Am Grauen Stein, 51105 Cologne Tel. +49 221 806-0 service@i-sec.tuv.com

Certificate for IoT products Protected Privacy

® T

ÜV,

TU

EV

an

d T

UV

are

reg

iste

red

tra

dem

arks

. Uti

lisat

ion

an

d a

pp

licat

ion

req

uir

es p

rio

r ap

pro

val.

06.

2018

BASIS OF IOT PRIVACY CERTIF ICATES

With nearly all IoT products and services, data from the user‘s private sphere are transmitted to the provider. Therefore, current European data protection laws and regulations must be observed.

Based on this TÜV Rheinland has developed a test catalogue. In addition, requirements are taken into account that are not legal requirements, but which greatly serve the interests of consumers.

We can therefore provide professional evaluation of IoT products and services. The requirements can be tested both in Germany and internationally in our test laboratories. If the tests are passed, the IoT provider can obtain a certificate.

CERTIF ICATE FOR IOT PRODUCTS

We can offer you ”Protected Privacy“, our in-house developed test program relating to data protection and information security. Focal point of ”Protected Privacy“ Certification here focuses on the hardware and firmware of the device, and its communication with the outside world. If relevant, an app will also be examined during the product test and binding manu- facturer‘s specifications relating to data use will be required.

The figure on the right provides an overview of the tested requirements.

OVERVIEW OF CERTIF ICATE REQUIREMENTS

CERTIF ICATION IN A SYSTEM CONTEXT

Product testing does not include a detailed test of all product-related services for the user. The “Protected Privacy“ Service Certificate is available in this case. Providers who market a complete system comprising products and service show that the processing of personal data is followed by high standards of data protection and data security.

You can find more information on all services relating to the IoT and data protection online at: www.tuv.com/en/iot-privacy

· Privacy by default settings

· Updatable

· Operation possible

without the Internet

· Resettable to factory

default settings

Device

· Encrypted data transmission

· Secure pairing (e.g. Bluetooth)

· Configurable Internet access

Local communication

· Procedure for secure

device configuration

· Encrypted data transmission

· Management of the gateway

configuration

Online communication

· Privacy by default settings

· Secure registration, login

· Prevention of reverse

engineering

App

· Approval management

· Prohibition on coupling

· Data deletion

· Access to protected services

Use of data