News Item

Share your feedback: ENISA public consultation bolsters EU5G Cybersecurity Certification

ENISA has released and is seeking feedback on the embedded Universal Integrated Circuit Card (eUICC) specifications of the cybersecurity certification scheme on EU5G, which is carried out under the Common Criteria scheme.

Published on June 26, 2024

Today, in response to a European Commission request for a cybersecurity certification scheme on EU5G, the European Union Agency for Cybersecurity is launching a 2-month long public consultation concerning the specifications related to the certification of the embedded Universal Integrated Circuit Card (eUICC), under the Common Criteria based European Cybersecurity Certification Scheme (EUCC).  

The eUICC is a secure element that contains one or more subscription profiles (Embedded Subscriber Identity Module - eSIM) and provides operators and end customers a secure solution. Through the specifications, ENISA aims to facilitate the certification of conformity of the eUICCs with the EU Cybersecurity Certification Scheme on Common Criteria (EUCC) to further enhance both the consumers’ and industry trust in the product. Additionally, efforts have already been made to address current functional, security and certification requirements by means of these specifications; the requirements of other relevant regulations, such as the European Digital Identity Regulation, can be met as well by means of these specifications. 

In line with the European Commission request to ENISA to develop a candidate cybersecurity certification scheme on EU5G, ENISA has developed a range of requirements for 5G networks. The specifications currently under consultation for eUICC certification have been drawn up with the support of the Ad Hoc Working Group (AHWG) on EU5G. 

Through the European Cybersecurity Certification Framework established by the Cybersecurity Act, the EU aims to provide solutions in a single market by adopting schemes that define the necessary requirements in cybersecurity of services and products. Commonly recognised certification schemes in the EU enable ICT suppliers and businesses to expand to markets by demonstrating adherence to the scheme specifications and requirements. These certification schemes bolster the trust of the end users or service providers to certified solutions, as they are better aware of the security level of the products or services they use.  

The public consultation allows interested parties and stakeholders to provide feedback on the specifications. The outcome will be processed and shared. Please note that the consultation will remain open for contributions until August 26st, 12.00 CET. 

You may find the specifications document in the following link: Specifications related to the certification of the embedded Universal Integrated Circuit Card - European Union (europa.eu) 

To participate in the Public Consultation, please click here. 

Further Information 

EUSurvey - Survey (europa.eu) 

Homepage - European Union (europa.eu) 

Cybersecurity Certification Framework — ENISA (europa.eu) 

Certification — ENISA (europa.eu) 

Contact 

For press questions and interviews, please contact press (at) enisa.europa.eu 

 

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies