Following the conformance deadline (April 29th), SafeShark, a specialist in connected product testing, has conducted analysis of more than 100 connected consumer devices currently on the market. The results show that three-quarters of these devices are still not compliant with the legal requirements set out in the Product Security and Telecoms Infrastructure Act.

SafeShark’s testing revealed the concerning statistic that 92 of the 124 products (74 per cent) we have checked in the past 24 hours fail to meet the necessary requirements. Plus:

· Only 41 per cent of the manufacturer websites had information about their vulnerability disclosure process – which is a mandatory provision in the legislation;

· Only one quarter of product websites had the PSTI standard security support date mentioned for the product. Interestingly, 10 per cent of products had PSTI information but did not quote the security support period as specified by the Act.

The findings underscore the urgent need for manufacturers, retailers, and distributors to prioritise compliance to ensure consumer safety and satisfaction.

Non-compliance carries potentially severe penalties, including withdrawal from UK market access and fines of £10 million or 4 per cent of global turnover, whichever is higher. That’s before any legal repercussions or damage to brand reputation.

Commenting on the results, SafeShark Director Alex Buchan said: “The level of non-compliance we’ve uncovered is deeply concerning. It’s clear that many manufacturers are falling short in meeting the essential requirements for connected consumer devices. The legislation provides businesses with explicit guidance on what compliance entails, and the OPSS can enforce stringent penalties against companies that fail to adhere to these regulations. We urge all stakeholders in the industry to take immediate action to address these issues.”

Categories: Articles, Equipment, IoT, Research

Tags: connected consumer, SafeShark, standard