Skip to main content
News announcement26 June 2024European Union Agency for Cybersecurity1 min read

Provide your Feedback: ENISA public consultation bolsters EU5G Cybersecurity Certification

ENISA has released and is seeking feedback on the embedded Universal Integrated Circuit Card (eUICC) specifications of the cybersecurity certification scheme on EU5G, which is carried out under the Common Criteria scheme.

Public Consultation eUICC

Today, in response to a European Commission request for a cybersecurity certification scheme on EU5G, the European Union Agency for Cybersecurity is launching a 2-month long concerning the Specifications related to the certification of the embedded Universal Integrated Circuit Card (eUICC), under the Common Criteria based European Cybersecurity Certification Scheme (EUCC).

The eUICC is a secure element that contains one or more subscription profiles (Embedded Subscriber Identity Module - eSIM) and provides operators and end customers a secure solution. Through the specifications, ENISA aims to facilitate the certification of conformity of the eUICCs with the EU Cybersecurity Certification Scheme on Common Criteria (EUCC) to further enhance both the consumers’ and industry trust in the product. Additionally, efforts have already been made to address current functional, security and certification requirements by means of these specifications; the requirements of other relevant regulations, such as the European Digital Identity Regulation, can be met as well by means of these specifications.

In line with the European Commission request to ENISA to develop a candidate cybersecurity certification scheme on EU5G, ENISA has developed a range of requirements for 5G networks. The specifications currently under consultation for eUICC certification have been drawn up with the support of the Ad Hoc Working Group (AHWG) on EU5G.

Through the European Cybersecurity Certification Framework established by the Cybersecurity Act, the EU aims to provide solutions in a single market by adopting schemes that define the necessary requirements in cybersecurity of services and products. Commonly recognised certification schemes in the EU enable ICT suppliers and businesses to expand to markets by demonstrating adherence to the scheme specifications and requirements. These certification schemes bolster the trust of the end users or service providers to certified solutions, as they are better aware of the security level of the products or services they use.

Access the Public Consultation

The public consultation allows interested parties and stakeholders to provide feedback on the specifications. The outcome will be processed and shared. Please note that the consultation will remain open for contributions until August 26st, 12.00 CEST.





Publication date
26 June 2024
European Union Agency for Cybersecurity
Certification Schemes