The U.S. Federal Communications Commission is closer to launching the Cyber Trust Mark for connected consumer device cybersecurity certification as the agency has selected the lead administrator for the program.
According to the FCC, UL Solutions will service as both the Lead Administrator and a Cybersecurity Label Administrator (CLA) of the Cyber Trust mark, a voluntary cybersecurity labeling program for wireless consumer IoT products and smart home devices.
The Cyber Trust Mark, which the FCC officially approved in March, is designed to help solve cybersecurity challenges in the consumer IoT market, which has long been fraught with inadequate cybersecurity protections and a lack of baseline standards. Once implemented, the mark would include a QR code linking to a landing page for each product that details the current state of the device’s security.
Companies using the label under the program will be required to list information such as the date of authorization, the name of the accredited lab, instructions on how to change the default password, disclosure of the minimum support period, disclosure of whether a software bill of materials is included, and any additional information. The program will likely launch sometime in 2025.
UL Solutions to “Identify, Develop, and Recommend” Standards for Cyber Trust Mark
In the custom home integration channel, CEDIA, Crestron and others have pledged their support for the program.
2024 Lighting Controls and Fixtures Report
Lightapalooza took place in late February, and the growth of the event has mirrored the rapid ascension lighting fixtures and controls.Download your copy now!
The program is envisioned as the cybersecurity equivalent of the Energy Star label, allowing qualifying consumer smart products that meet critical cybersecurity standards to display a label, including a new U.S. government certification mark (U.S Cyber Trust Mark), which will help consumers make informed purchasing decisions, easily identify trustworthy products, and encourage manufacturers to prioritize higher cybersecurity standards.
According to the FCC, the program is intended to be a collaborative effort between the public and private sectors, with the FCC retaining ultimate oversight and control of the program and authorized third-party administrators such as UL Solutions managing activities such as evaluating product applications, granting permission to use the label, and educating consumers.
Northbrook, Ill.-based UL Solutions describes itself as a “global safety science leader” that “helps companies to demonstrate safety, enhance sustainability, strengthen security, deliver quality, manage risk and achieve regulatory compliance.”
The company apparently met the FCC’s criteria to be conditionally approved as a CLA and satisfies the Lead Administrator program criteria. In this role, UL Solutions will be responsible for “identifying or developing, and recommending to the Commission for approval, the IoT-specific standards and testing procedures for the program, among other recommendations, and for acting as liaison between the Commission and CLAs,” the FCC says.
The FCC’s Public Safety and Homeland Security Bureau will announce the selection of additional CLAs in the near future. Those entities will be authorized by the FCC to certify the use of the Cyber Trust Mark by manufacturers whose products comply with the agency’s IoT cybersecurity labeling program rules.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!