RFID Regulations and Certification Procedures in Emerging Asian Markets

International regulations addressing radiofrequency identification (RFID) devices may seem as endless and evolving as applications for the technology itself. While countries frequently update their standards, testing and documentation requirements, we can see enough continuity to understand basic principles of international RFID certifications. A look at the certification process for RFID devices in emerging Asian markets provides insight into the global regulatory picture for RFID products and for wireless technology in general.

My experience and economic data suggest that Indonesia, Malaysia, and India are increasingly important emerging markets for U.S. manufacturers and exporters. China, Japan, and Korea remain top priorities. Other compliance experts have described these country’s wireless certification procedures in this publication. It is easy to assume that the intense in-country testing and documentation requirements seen in China, for example, would be found throughout Asia. This, however, is not the case. This is not to say that the regulations in other emerging Asian markets are not strict or lengthy. Rather, there are fewer boxes to check and they are less tedious, if done correctly.

Clearly, if you’re reading this magazine, you’re into compliance! Now we’re going international. So grab some coffee, put on some techno, and let’s take a look at these markets. As stated, we will focus on RFID, mostly in the 800/900MHz range. If you are using another wireless wireless/RF technology, you’ll see parallels. If you’re not, I’m not sure you’re in the right business (either that or I’ve done a terrible job!). Take a breath. We’re diving into the regulatory swamp.


Your marketing team agrees that it’s worth jumping through a few hoops to get access to a country of 255 million people. That’s easy for them to say, since they don’t have to do the compliance work. The first questions you need to ask as a compliance engineer are what are the Indonesian standards for RFID, and what are the operating parameters (i.e., frequencies, output power etc.)?

RFID regulations in Indonesia are based on local standards. Many countries default directly to U.S. or European Union (EU) standards. This is not the case for Indonesia. The Indonesian standards are derived from EU and FCC standards such as EN 300 208-1 and FCC Part 15, but the standards are still their own. We are dealing specifically with 221/DIRJEN/2007 for RFID in the 900MHz range. Those interested can find Indonesian standards online, although they are typically not translated into English.

Here are a few key aspects:

  • The RFID tools and equipment will work at frequencies 923-925 MHz, with a total bandwidth of 2 MHz, maximum hopping channel 500 kHz.
  • The equipment must have a transmission power of < 2000 mW (ERP)
  • Radiated emission limits are 500 microvolts/meter

The standard for 13.56 MHz RFID is No.214/DIRJEN/2005. This lists:

  • 13.567 MHz field strength 65 microvolts/meter at 10 meters
  • Transmission power < 10mW

Once a manufacturer understands the technical parameters and design requirements for their RFID device, the next step is to review the certification procedure.

Indonesia requires the submission of two samples for testing at a government-affiliated laboratory. The regulatory authority, the Directorate General of Posts and Information Technology (Sumber Daya Dan Perangkat Pos Dan Informatika, or SDPPI), also mandates that, in most cases, a manufacturer obtain approval for the end product (as opposed to the RF module only). As a general rule, Indonesia does not allow modular approvals. Many countries will allow modular approval, which can reduce the number of certifications a manufacturer must obtain.

In most cases, the Indonesian test lab will return the samples upon completion of testing undamaged. However, there is always the chance that something could happen to the samples, and manufacturers should plan accordingly, especially if it is an expensive device such as a medical device using RFID, for example. In many cases, for RFID products, manufacturers will also need to provide a laptop computer for testing.

Assuming the sample is properly configured to Indonesian technical parameters and the instructions are clear, testing with SDDPI should be relatively painless. A manufacturer should work with partners who speak both English and Indonesian (Bahasa Indonesia). Many of the officials at SDPPI do not speak English and troubleshooting or setup issues can be difficult without a bilingual engineer. After testing, the application goes into certification or review.

The process from start to finish with SDPPI takes about four weeks. The manufacturer should also factor in time to configure the sample, ship it to Indonesia, review documents and so on. A total of six to eight weeks from start to finish is not unreasonable for the entire certification process to play out.

SDPPI approvals continues to evolve. There was a brief period around December, 2015 when SDPPI ran a pilot program offering product approvals for RF equipment including RFID without testing. In that case, they based compliance on existing test reports (FCC, EU) and product documentation. For some, the pilot program had the feeling of a holiday promotion, that is, get your certification quickly before you have to test again. Sure enough, SDPPI re-implemented required testing at the start of 2016. It’s difficult to predict if testing will remain a requirement or if Indonesia will again suspend testing requirements. The key is to check requirements early, and monitor them. Sometimes a regulatory change like this promotion eases burdens on manufacturers. Just as likely, it will increase the burden.


My experience suggests that Malaysian certifications for RFID equipment have become more stringent in recent years. The authority, however, is not scrutinizing applications to the same degree as some other regulatory bodies in Asia. That said, everything in compliance is relative, including the degree of difficulty of RFID certifications. Although there are countries that are more difficult to deal with, Malaysia has well-established procedures and operating parameters for RFID.

Manufactures need to consider several crucial technical details and documentation requirements before starting the Malaysian certification process. First, a look at Malaysian technical parameters.

Like Indonesia, Malaysia has its own standards for RFID. SIRIM Berhad, the Standards and Industrial Research Institute of Malaysia, is a quasi-government body overseeing product certifications under the purview of the Malaysian Ministry of Communications. For RFID at 900MHz, Malaysia mandates the following:

  • Operating frequency 919-923MHz. The total output of the ‘interrogator’ device in RFID shall be <4W, ERP.
  • The interrogator equipment shall employ channels with 500KHz maximum bandwidth.

Malaysia also requires RFID equipment in this frequency range to comply with European standards EN 302 208-1 or U.S. FCC Part 15. This detail in their standard is both interesting and crucial. Ideally, a manufacturer will have test reports covering both standards. However, compliance engineers familiar with these standards and RFID equipment operating at 800/900MHz in general will note that the U.S. and Europe have different frequency ranges. In Europe, we are dealing with 865-868MHz and in the U.S. we are dealing with 902-928MHz. How does this fit with Malaysia’s frequency of 919-923MHz? Does Malaysia test accept FCC reports covering a broader frequency range or require testing in-country?

Malaysia requires a sample for in-country inspection for all wireless device certifications with SIRIM. For RFID equipment operating in the 900MHz range, the requirements are unique. SIRIM still wants a sample for in-country inspection. That means, in theory, they will inspect the sample but won’t actually test your RFID device if you have the proper test data. This could mean that a manufacturer who conducted FCC Part 15 testing covering 902-928MHz then gets an addendum specifically covering 919-923MHz. SIRIM will typically accept an addendum or additional testing. However, it is always best to check in advance that your plans will be covered and accepted before you perform additional testing.

In case the manufacturer submits a product without test data covering Malaysia’s RFID frequency range, SIRIM can do the testing itself. If you are using another RFID frequency, which is the same under Malaysian and foreign regulations, your FCC or EU reports will cover you and Malaysia will inspect the sample without testing.

In summary, a manufacturer needs to send a sample to Malaysia. Whether or not Malaysia tests the sample or just inspects it depends on the available reports, frequencies and, in some cases, a decision by Malaysian regulators. After inspection or testing of the RFID device at SIRIM’s lab, in conjunction with review of the application materials, the agency will issue certification. The process typically takes four weeks, assuming no issues are found.

SIRIM certification requires a registered local representative in Malaysia. A third party can provide this service if the manufacturer does not have an office in Malaysia. If you are using your office, be sure they are responsive and willing to help. This is true for any country requiring a local representative. Sometimes local offices are very helpful. In other cases, your contact may disappear when you ask him or her for a few simple documents. Checking in advance and using a third party as needed can resolve this.

SIRIM has recently implemented an important update to its label regulations. Label updates can be just a matter of font or color but in this case it impacts the scope of RF/wireless certification. For several years, only the local representative could purchase individual labels from SIRIM, unlike most other countries which allow the manufacturer to print the label itself and add the certification number. This meant the manufacturer would need to tell his or her local representative how many labels to buy and apply them properly to avoid issues with customs. Malaysia has made the process less burdensome without relinquishing control. Now, the manufacturer may print labels but must first apply for label approval. SIRIM has also created a new label for approved wireless devices.

It is important to note that all regulations and procedures are subject to change and the manufacturer should monitor updates accordingly. SIRIM will publically announce changes impacting RFID manufacturers and they agency typically gives ample time to prepare for any regulatory updates.


Traveling across the continent to India, we find a relatively simple type approval process for RFID devices. However, a manufacturer should not allow this simplicity to lull them into complacency. We must still consider several important regulations.

Indian wireless regulations generally fall under the Wireless Planning and Coordination (WPC) wing, of the Department of Telecommunications. Like most other countries, India clearly allocates spectrum to RFID usage. India does not widely publish its own detailed standard for RFID in the way that Indonesia and, to a lesser extent, Malaysia do. Instead, the WPC has not published detailed technical aspects of RFID for different bands.  For the 800MHz range, they list RFID under IND44:

  • RFID equipment in 865-867MHz with a maximum power of 1 W (4W ERP) and carrier bandwidth of 200kHz

While this range does not exactly match the range in the EU, India will accept reports to to EN standards (302 208-1) for RFID applications for IND44. Unlike Malaysia, the manufacturer can submit the report as is without further test data in the exact range. If the report is from an accredited lab, the WPC will accept it. This is true of other RFID frequency ranges as well for India.

India WPC approval has several other important features we must consider. We will look at three. First: a local representative, a registered entity in India, must submit the application on behalf of the manufacturer or exporter. As in Malaysia, this may be the manufacturer or exporter’s local office or a third party can provide this service. Although the involvement from the local representative is limited to submitting the application, it is still important to choose a cooperative and responsive in-country partner.

The second consideration is that the WPC issues equipment type approvals (ETAs) by frequency band. So, if your device is using 800MHz RFID and another frequency band (for example, 2.4GHz WLAN), you would need two separate ETAs for the same device. As a result, a single RFID device could have multiple ETAs.

The third consideration is India’s expansion of product safety requirements. Of course, Malaysia and Indonesia have some product safety requirements as well, but they are mostly limited to household equipment and other items that do not typically employ RFID. However, over the past few years, the Bureau of Indian Standards (BIS) has added additional IT equipment to the list of products requiring safety certification. The list includes visual display units, smart card readers, power adaptors and other items. Manufacturers should look for updates from the BIS to determine if the list of products requiring safety certification has expanded.


While the RFID standards, frequency allocations and certification procedures of various countries seem to range wildly, we see enough parallels to understand basic considerations the manufacturer must take regardless of the market they wish to enter. The considerations often seem obvious. When you are balancing design considerations, marketing priorities and looking at multiple regulations at once, however, it is not as easy as it sounds. One should always gather as much detail as possible about the technical operating parameters in a country, and then consider the procedure of that country and identify partners to help as needed. Finally, a manufacturer needs to stay alert for new regulations, as changes can impact the timetable for testing and certification.

author_cassidy-michael-2Michael Cassidy has been involved in international compliance since 2007 when he started as a project manager with Intertek. Cassidy moved to TUV Rheinland where he was operations manager for their International Approvals team. He then formed M.C. Global Access LLC (www.mcglobalaccess.com) which helps medical, consumer, and industrial manufacturers certify their products overseas. Cassidy can be reach at mcassidy@ mcglobalaccess.com.

Leave a Reply

Your email address will not be published.