OneKey Classic 1s & Classic 1s Pure Passes EU EN 18031 Cybersecurity Certification

YaelYael
/Dec 11, 2025
OneKey Classic 1s & Classic 1s Pure Passes EU EN 18031 Cybersecurity Certification

Key Takeaways

• OneKey Classic 1s series passed the rigorous EU EN 18031 cybersecurity certification.

• The certification emphasizes network protection, privacy, and fraud prevention mechanisms.

• Continuous compliance and monitoring are required for maintaining certification over the next 10 years.

In the realm of Web3 hardware security, compliance is often the litmus test for a product's "true defensive capability." Recently, OneKey's core products, OneKey Classic 1s and OneKey Classic 1s Pure, officially passed a rigorous review by an EU Notified Body, obtaining the EU-Type Examination Certificate.

Issued on September 15, 2025, with certificate number 0370-RED-10138, this marks that the OneKey Classic 1s series of hardware wallets have fully met the latest mandatory cybersecurity standards of the EU Radio Equipment Directive (RED) regarding cyber resilience, privacy protection, and fraud prevention mechanisms.

Part 1: What is this certification and what is its core significance?

The certification OneKey Classic 1s and 1s Pure obtained is not a standard electronic safety certificate, but a specific cybersecurity certification based on the EU Directive 2014/53/EU (Radio Equipment Directive, RED).

1. Hardcore Compliance Focused on "Cyberspace"

Traditional CE certifications usually focus on whether a device causes electrical shock or radio interference. However, this certificate specifically addresses Article 3.3 of the RED Directive. This is the EU's core cybersecurity requirement for connected radio equipment in response to increasingly complex cyber threats. OneKey has been certified under the following three key clauses:

  • Article 3.3 (d): Network Protection — preventing the misuse of network resources.
  • Article 3.3 (e): Personal Data & Privacy Protection — ensuring user data security.
  • Article 3.3 (f): Protection from Fraud — preventing monetary fraud and illegal transfers.

2. Endorsement by Authoritative Institutions

The certificate was issued by the authoritative EU Notified Body LGAI Technological Center S.A. (Applus+). As an independent third-party laboratory, Applus+ conducted a comprehensive audit of OneKey's technical documentation and test reports. For users, this means the security of the OneKey Classic 1s series relies not just on the manufacturer's "self-declaration" but is objectively verified by a top international certification body operating under ISO/IEC 17065 standards.

3. Covering Core Hardware and Software Versions

The certificate explicitly covers OneKey Classic 1s (Hardware Version v1.1) and OneKey Classic 1s Pure (Hardware Version v2.0.1), as well as the core firmware SW: v3.11.0. This proves that OneKey meets EU-recognized security benchmarks at the level of deep hardware-software integration.

Part 2: What requirements must be met to pass this certification?

To obtain this certificate, OneKey devices had to undergo a series of technical verifications known as "devil tests." According to the certificate's Technical Annex, the OneKey Classic 1s series must meet the stringent requirements of the EN 18031 series of standards.

1. Extreme Testing Across Three Dimensions

The tests were executed by Shenzhen DL Testing Technology Co.Ltd., with specific standards and requirements as follows:

  • Capability to Resist Cyber Attacks (EN 18031-1: 2024)
    • Corresponding to Article 3.3 (d). This requires that the device must not misuse network resources via the network and that its functions will not easily crash or degrade when subjected to external cyber attacks. For a Bluetooth-connected hardware wallet, this means OneKey's communication protocol stack must be robust enough.
  • Absolute Defense of User Privacy (EN 18031-2: 2024)
    • Corresponding to Article 3.3 (e). This is a specialized test for "personal data and privacy protection". OneKey must prove that it has perfect encryption and isolation mechanisms when processing sensitive information such as user private keys and addresses, ensuring this data is not eavesdropped on or leaked during wireless transmission.
  • Financial-Grade Anti-Fraud Mechanisms (EN 18031-3: 2024)
    • Corresponding to Article 3.3 (f). This is a special requirement for devices involving "monetary value". OneKey needs to prove that the device has specific security features to prevent users from suffering internet fraud (such as malicious tampering with transaction information). This is the authoritative checkup for the core function of a hardware wallet.

2. Comprehensive Technical Documentation Audit

In addition to laboratory testing, the Notified Body conducted a carpet-style review of all technical files submitted by OneKey (Technical Documentation Review). The review list included:

  • Risk Assessment: Verifying whether the manufacturer identified all potential threats and provided solutions.
  • Circuit Diagram & PCB Layout: Checking for hardware backdoors or design flaws from the physical circuit level.
  • Operational Description: Reviewing whether the running logic of firmware v3.11.0 complies with security specifications.
  • Bill of Materials (BOM): Ensuring component sources are compliant and traceable.

Only when all Test Reports and technical files are flawless will the Notified Body issue this certificate, which represents the "golden key" for EU market access.

Part 3: Future Outlook

OneKey Classic 1s and 1s Pure's passing of the EN 18031 certification is not only an affirmation of current product quality but also a commitment to future security responsibilities.

1. Continuous Compliance and Monitoring

The certificate clearly states that the manufacturer must keep the technical documentation and the EU Declaration of Conformity for 10 years. This means OneKey has established a long-term archive tracking mechanism, ensuring that the security record of every Classic 1s product is traceable.

2. Dynamic Response to Security Threats

Cybersecurity is a dynamic process. The certificate specifically mentions that if the "state of the art" changes, causing the original equipment to potentially no longer meet basic requirements, the manufacturer must inform the Notified Body. This drives OneKey to remain vigilant at all times, continuously tracking the latest global cyber attack and defense technologies, and addressing unknown potential threats through firmware upgrades.

3. Transparency and Trust

In the decentralized world, trust remains a scarce resource. OneKey chooses to undergo this extremely complex EU cybersecurity certification to demonstrate extreme transparency to global users. All test standards, certification scopes, and compliance commitments are clearly documented.

In the future, OneKey will continue to follow these strict international standards, using the OneKey Classic 1s series as a cornerstone to build a digital asset safe for global Web3 users that meets regulatory requirements and possesses financial-grade defensive capabilities.

Secure Your Crypto Journey with OneKey

Keep Reading