Select your location for location specific information:
IT security label; application
You can apply for the IT security mark of the Federal Office for Information Security (BSI) for your IT consumer products. This is your assurance that your products meet the security requirements of the BSI.
Online services & Forms
Online services
-
IT-Sicherheitskennzeichen beim BSI online beantragenThe federal portal contains information on administrative services provided by the federal government, federal states and local authorities. Here you can apply for the IT security label directly online.
Forms
-
Antrag auf Freigabe des IT-Sicherheitskennzeichens für Breitbandrouter
Hauptantrag
This form can be submitted electronically without signature (e.g. via a secure contact form or by e-mail) or in paper form to the responsible authority.
-
Antrag auf Freigabe des IT-Sicherheitskennzeichens für E-Mail-Dienste
Hauptantrag
This form can be submitted electronically without signature (e.g. via a secure contact form or by e-mail) or in paper form to the responsible authority.
-
Antrag auf Freigabe des IT-Sicherheitskennzeichens für Smarte Verbrauchergeräte
Hauptantrag
This form can be submitted electronically without signature (e.g. via a secure contact form or by e-mail) or in paper form to the responsible authority.
Responsible for you
Bundesamt für Sicherheit in der Informationstechnik
Street address
Godesberger Allee 87
53175 Bonn
Postal address
Postfach 200363
53133 Bonn
Phone
Website
Route planner
Timetable for public transport
Procedure details
Description
The Federal Office for Information Security (BSI) issues the IT security label for products on the consumer market. This applies, for example, to the following product categories:
- Broadband routers,
- e-mail services,
-
Smart consumer devices, including
- Smart television,
- Smart cameras,
- smart speakers,
- Smart toys and
- Smart cleaning and garden robots;
With the BSI product label, manufacturers and service providers have the opportunity to make the IT security features of their products transparent and thus stand out on the market. This provides consumers with guidance when purchasing IT products, as they are able to take cybersecurity aspects into account when making their purchase decision.
To obtain an IT security label, you must submit an application to the BSI. The application is voluntary. With the IT security mark, you show that your products meet certain security standards that have been issued or recognized by the BSI.
The IT security mark essentially consists of
- an assurance from your company that your product or service meets certain IT security requirements for a specified period of time (manufacturer's declaration).
- a BSI product information page with up-to-date security information. This informs consumers about the IT security features of your product or service.
If you receive approval from the BSI, use the IT security label on the product, packaging or online.
The BSI market surveillance authority can check whether your product actually fulfills the requirements for the IT security label on a random basis or on an ad hoc basis.
If the BSI identifies a deviation or security gap, you will be contacted. You will then be given the opportunity to rectify the identified deficiencies or security gaps. If the security gap is not rectified or is particularly critical, the BSI may additionally
- publish security information on the product information page or
- revoke the approval of the IT security label.
As a rule, IT security labels expire after 2 years. The BSI can specify a different period for individual product categories. As soon as the term has expired, the release of the IT security label is terminated.
The BSI concludes mutual recognition agreements with foreign state labels. These agreements make it possible to issue the mark in a simplified procedure. An overview of the existing recognition agreements can be found on the BSI website.
Requirements
- Your product or service must meet the requirements of the respective product category.
- You have checked the conformity before submitting the application.
Required documents
-
Required Documents
- Antrag für die jeweilige Produktkategorie
- gegebenenfalls dort benannte weitere Anlagen
- Produktbilder für die Veröffentlichung auf den Internetseiten des Bundesamts für Sicherheit in der Informationstechnik (BSI)
- Auszug aus dem Handelsregister, der nicht älter als 6 Monate ist, oder einen anderen geeigneten Unternehmensnachweis
Proceedings
You can apply to use the IT security label for your product or service online via the federal portal or in writing by email or post.
Apply for the IT security label online:
- First check your product for conformity with the security requirements of the relevant product category.
- Go to the federal portal verwaltung.bund.de and complete the online application.
- Upload the documents required for the respective product category and specified in the application.
- Send the application to the Federal Office for Information Security (BSI) via the federal portal.
- The BSI will check your application for completeness and request additional documents if necessary.
- As soon as all documents have been submitted, you will receive a confirmation of receipt from the BSI.
- The BSI will check the plausibility of the information and documents you have submitted.
- Before the IT security label is approved, you will receive a notification of fees.
- Once you have paid the administrative fee, the BSI will issue you with the final approval of the IT security label in the form of an approval notice.
- With the approval notice, the respective product information page is published and the individual IT security label is made available.
- If the BSI considers rejecting the IT security label during the application review, you can comment on this before the decision is made.
Apply for the IT security label by e-mail and post:
- First check your product for conformity with the security requirements of the relevant product category.
- Go to the BSI website and download the application for the IT security label for your product category.
- Complete the application on your computer and save the application without signing it.
- Send the application with the other required documents by e-mail or De-Mail.
- Print out the complete application documents without product images and sign the application.
- Send the application and the associated documents to the BSI by post.
- The remaining steps are identical to the online procedure.
Fees
The Federal Office for Information Security (BSI) charges an administrative fee for processing the application.
Deadlines
The Federal Office for Information Security (BSI) may specify different terms for individual product categories. If an IT security specification applicable to the relevant product category is changed or declared invalid, you must update your manufacturer's declaration with a valid test basis. Otherwise the release expires after a period of 6 weeks.
Processing time
The processing time varies depending on the product category. Currently, the processing time is 6 weeks for broadband routers and e-mail services and 8 weeks for smart consumer devices. (6 to 8 weeks)
Special notes
There are no indications or special features.
Legal bases
Appeal
- Hearing if the BSI intends not to issue the IT security label
- Objection
Related links
Status: 03.02.2024
Editorially responsible for prodecure description: Bundesministerium des Innern
Source:
Federal Portal
Contains machine translated content.
Show the original content