PSTI STATEMENT OF COMPLIANCE

We, MERCUSYS TECHNOLOGIES CO., LTD. hereby declare that under our own responsibility, our devices fully comply with the applicable security requirements in Schedule 1 of The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023.

Schedule 1 specifies security requirements that relate to manufacturers of relevant connectable products which includes the MERCUSYS brand and its subsidiaries. This includes the following:

1. Password is unique per device or defined by the user of the device, and the password which is unique per device is generated by using a security mechanism that reduces the risk of automated attacks against a class or type of device.

2. Users can report vulnerabilities to MERCUSYS via https://www.mercusys.com/uk/press/security-advisory/ . Furthermore, users will receive acknowledgment of the receipt of a security issues report and status updates until the reported security issue is resolved.

3. MERCUSYS will provide security updates for our products during the pre-defined support period. The defined support period will end 3 years after the product’s end-of-life date. Up-to-date information concerning the defined support periods for the entire MERCUSYS product range are listed in Statements of PSTI Compliance_Mercusys. For further information regarding the products that have entered End of Life, please visit: https://www.mercusys.com/uk/faq-864.

MERCUSYS TECHNOLOGIES CO., LTD.
3rd Floor, Building R1-B, No. 23, Gaoxin 4th Road, South Hi-Tech Park,
Nanshan, Shenzhen, P.R. China