EN 18031-3:2024
(NABL-Accredited Security Testing for Internet-Connected Radio Equipment)
Overview
EN 18031-3:2024 defines cybersecurity requirements for internet-connected radio equipment that enables users to transfer or manage monetary value or virtual currency.
This standard extends beyond EN 18031-1 and EN 18031-2, introducing specialized security mechanisms to address financial transaction security, cryptographic protection, and tamper resistance.
From 1 August 2025, EN 18031-3 compliance is required under RED for these product categories to achieve CE marking.
DeltaPhi Labs provides gap analysis, clause-by-clause testing, and technical documentation support to help manufacturers meet these obligations efficiently.
Devices Covered
Payment-enabled radio equipment
IoT devices handling financial or virtual currency transactions
Smart cards, secure wallets, or tokenization gateways with radio connectivity
Banking and fintech communication modules
Vending, retail, and ticketing systems with wireless interfaces
Any radio equipment handling monetary value or financial data
Compliance Standards
Our Testing aligns with
EN 18031-3:2024 – Common Security Requirements
Directive 2014/53/EU (RED) Article 3(3)(d)(e)(f)
ETSI EN 303 645 – Baseline IoT Security
ISO/IEC 27001 – Information Security Management
EN IEC 62443-4-2 — Industrial and component security framework
Key Benefits
Reduce Risk – Protect your business by hardening Radio Device against cyberattacks
Fast-track testing timelines for manufacturers with launch deadlines
Enhanced Security Posture – Strengthen resilience against exploits, fuzzing, and advanced threats
Full coverage of EN 18031-3 security clauses
Testing and evidence generation suitable for Notified Body or self-declaration
Global Visibility – Standards-aligned testing increases acceptance across international markets
Why Choose Deltaphi Labs?
NABL-accredited and officially recognized security testing laboratory
Fast-Track Testing – Accelerated timelines for OEMs under market pressure
Expertise in EN 18031-1, EN 18031-2, EN 18031-3 and RED cybersecurity
Trusted by Industry – Supporting device vendors, ISPs, and telecom operators for compliance
Clause-wise mapping and regulator-aligned reporting
FAQs – EN-18031-3 Certifications
Q1. Which devices require EN 18031-3 testing?
Any internet-connected radio equipment that handles or transfers monetary value or virtual currency, including payment, wallet, and fintech devices.
Q2. How does EN 18031-3 differ from EN 18031-1 and EN 18031-2?
EN 18031-3 introduces advanced security mechanisms specifically for financial transaction protection, cryptography, and key management.
Q3. Is EN 18031-3 compliance mandatory?
Yes. From 1 August 2025, EN 18031-3 compliance is mandatory under RED for these special categories.
Q4. What testing mechanisms are validated?
Access control, authentication, secure updates, secure storage, secure communications, logging, cryptographic key protection, equipment security, and cryptography.
Q5. What deliverables are provided?
Gap analysis, test case documentation, execution evidence, and final test reports suitable for CE technical files and notified body reviews.
Get a Quote – Fast-Track Your Certification
EN 18031-3 compliance is required for CE marking of payment and monetary value processing radio equipment from 1 August 2025.
Deltaphi Labs helps you:
Get quick quotations based on device type and features
Accelerate certification timelines with streamlined test processes
Complete compliance evidence for CE/RED submissions
Contact us today to get a quote and secure your ITSAR certification — ensuring your Radio Device are compliant, resilient, and ready for operator deployment.