Notice: New UK Product Security and Telecommunications Infrastructure (PSTI) Law

April 29, 2024
Share open/close
URL copied.

LONDON, United Kingdom – April 29, 2024 – At Samsung, we place consumers and product security at the heart of all our operations. We are supportive of the new UK Product Security and Telecommunications Infrastructure (PSTI) legislation that comes into law, effective from today, 29th April, 2024 and believe it will offer more transparency to customers.


From today, (in summary) in the UK, it will not be legal to sell internet or network connectable products[1] unless they meet the following three requirements:


  1. Products cannot use a universal default password or one that is easy to determine.
  2. Manufacturers must provide a public point of contact to report security vulnerabilities in products.
  3. Manufacturers must publish the minimum amount of time a product will receive security updates.

We confirm that all Samsung products covered by the new law that were released in the UK in the last three years already comply with these requirements. The public point of contact for reporting security vulnerabilities and the length of software security update support for in-scope Samsung products can be found here:


Statement of Compliance

In addition to the above three requirements, from 29th April 2024, all relevant products supplied to end-users in the UK must also be accompanied by a Statement of Compliance confirming that the product fully complies with the above requirements.


Please see below for an example Statement of Compliance that will accompany in-scope Samsung products approved for sale in the UK.



[1] Some exceptions apply, including laptops and Wi-Fi only tablets

Corporate > Others

Press Resources > Statements

For any issues related to customer service, please go to for assistance.
For media inquiries, please contact

Check out the latest stories about Samsung

Learn More

Manage your cookies

We use cookies to improve your experience on our website. Manage your settings for our cookies below.

Strictly necessary cookies (essential)

These cookies are essential as they enable you to move around the website. This category cannot be disabled.

Cookie Domain Purpose
AWSALBCORS AWS Application Load Balancer Cookie. Load Balancing Cookie: Used to map the session to the instance. Same value as AWSALB.
AWSALB Application AWS load balancer first receives a request from a client, it routes the request to a target, generates a cookie named AWSALB that encodes information about the selected target, encrypts the cookie, and includes the cookie in the response to the client.
PHPSESSID The PHPSESSID cookie is native to PHP and enables websites to store serialised state data. On the Action website it is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie. As the PHPSESSID cookie has no timed expiry, it disappears when the client is closed.
COOKIECONSENT Used to store the cookie consent status of the user.

Analytical or performance cookies (optional)

These cookies collect information about how you use our website, for example which pages you visit most often. All information these cookies collect is used to improve how the website works.

Cookie Domain Purpose Expiration Time
_ga Used to distinguish visitors to site. It registers a unique identification in order to gather statistical data about how a visitor uses the Website. 1 year
_ga_94BEG50BVX Used to persist session state. 1 year