United States
Ajax Systems continuously advances its practices aligned with international standards, reinforcing cybersecurity as one of the core principles. The most widely recognizable of these standards is ETSI EN 303 645, which defines cybersecurity requirements for connected devices, including security systems. As of now, Ajax Superior Hub Hybrid (4G) has received a certificate of conformity to this standard. This certification demonstrates to partners and users a high level of privacy protection based on verified cybersecurity practices.
What to know about ETSI EN 303 645
ETSI EN 303 645 is a European cybersecurity standard that regulates the protection of consumer IoT devices installed in homes, including smart home systems, security alarms, fire detectors, and video surveillance cameras. It is designed to reduce the risk of botnets, DDoS attacks, data leakage, and unauthorized access.
ETSI EN 303 645 defines 13 core cybersecurity provisions, along with additional data-protection guidelines. Together, these requirements address secure communication, data protection, software integrity and updates, system resilience, and vulnerability management.
Explore ETSI EN 303 645 cybersecurity principles
- No universal default passwords
- Implement a means to manage reports of vulnerabilities
- Keep software updated
- Securely store sensitive security parameters
- Communicate securely
- Minimize exposed attack surfaces
- Ensure software integrity
- Ensure that personal data is secure
- Make systems resilient to outages
- Examine system telemetry data
- Make it easy for users to delete user data
- Make installation and maintenance of devices easy
- Validate input data
Ajax Systems is already taking steps toward alignment with future regulatory requirements, including the Cyber Resilience Act (CRA), which will come into effect in 2027.
Ajax Superior Hub Hybrid (4G) is the first Ajax device to receive ETSI EN 303 645 certificate. Following testing at the KIWA laboratory, the device was confirmed to meet this standard as well as the Swedish SSF 1120 requirements.
Ajax Superior Hub Hybrid (4G) fully meets the ETSI EN 303 645 cybersecurity requirements for reliable system performance. The hub receives regular software updates that mitigate potential security risks, introduce new features, and maintain stable operation over time. All data stored and transmitted by the system is encrypted between the hub, Ajax Cloud, and Ajax apps. This level of protection significantly reduces the risk of reprogramming or tampering with the device, as well as illegal use of data.
All Ajax hubs are aligned with the same cybersecurity principles and use AES-128 encryption for secure data protection, as standardized by NIST.
What ETSI EN 303 645 certification means for Ajax partners
With this certification, Ajax partners have a clear basis for addressing cybersecurity concerns. The standard reassures end users that their data is protected, and devices are regularly updated to ensure stable, reliable operation over time. When security risks arise, they are handled through clear, predefined procedures — with transparency and a predictable response.
Verify Ajax device compliance with international standards here.
Security by design
For Ajax Systems, compliance with international standards is not a formality but an integral part of the development approach. That is why the ETSI EN 303 645 certificate confirms that cybersecurity risks are addressed systematically throughout the product lifecycle — from design and deployment to operation and updates. As a result, clients receive a product that keeps pace with the ever-changing cybersecurity requirements of the modern world.
