UK PSTI Statement of Compliance

The UK’s consumer connected product security regime comes into effect on 29 April 2024.

Schedule 1 to the 2023 Regulations sets out the specific requirements that must be complied with:

Passwords must be unique per product, or they must be capable of being defined by the end user of the product. All KUMA product passwords can be set by the end user. All devices use WPA2-AES, (or greater), security to protect these passwords.
KUMA must provide information on how to report security issues about their products. This can be found on our website here https://kuma-products.com/pages/vulnerability-disclosure-policy
Information on minimum security update periods - see below

Year 1 after production - all security updates will be released and available on the product FAQ page here https://kuma-products.com/pages/help

Year 2 after production - all security updates will be released and available on the product FAQ page here https://kuma-products.com/pages/help

Years 3-5 after production - security updates will cease, full customer service will still be provided to all KUMA customers.

Statement of compliance

Under our sole responsibility, KUMA LIMITED hereby declares that its products listed below fully comply with the applicable security requirements set out in Schedule 1 of the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (England, Scotland and Wales).

KUMA CONNECT 4G router (and antenna kits)

KUMA CONNECT 5G router (and antenna kits)

security@kuma-products.com (monitored weekdays 9am–5pm GMT)