The United Kingdom requires manufacturers of ‘smart devices’ to state how long a device receives security updates. Under the new rules, manufacturers will also be prohibited from using a default, universal password for these devices.
The Product Security and Telecommunications Infrastructure Act covers, among other things, smartphones, consoles and tablets, but also smart speakers, doorbells, lamps and watches. The National Cyber Crime Center writes: “The manufacturer must specify the minimum period over which a device will receive important security updates.”
Furthermore, the United Kingdom prohibits manufacturers from using default passwords. According to the NCCC, criminals can look up these generic passwords and perhaps use them to log in to smart devices, which are in turn connected to local networks. Under the new rules, companies must share contact information for users who want to report a security risk.
The government body emphasizes that most smart devices are produced outside the UK, but the PSTI law also applies to importers and retailers. Breaking the law can be fined up to £10 million or four percent of a company’s global turnover.
Tags: requires manufacturers state smartphone update times Tablets phones News