SASO Mandates Dual Cybersecurity Certification for Smart Pet Devices in Saudi Arabia
Saudi Arabia’s Standards, Metrology and Quality Organization (SASO) issued an urgent regulatory update on May 4, 2026, requiring all smart pet devices—including automated feeders and GPS-enabled collars—entering the Saudi market to comply with two cybersecurity standards effective June 1, 2026. This development directly impacts global manufacturers, exporters, and certification service providers engaged in the smart pet technology supply chain.
Event Overview
On May 4, 2026, SASO published Emergency Notice SASO/TECH/2026/089. It mandates that all Smart Pet Devices imported into Saudi Arabia must obtain both ISO/IEC 27001 information security management system certification and compliance verification against the SASO IoT Security Framework Version 2.3. The requirement takes effect on June 1, 2026. Chinese OEM manufacturers are given a 60-day transition window—until July 31, 2026—to complete the dual certification; failure to do so will result in denial of the SASO Certificate of Conformity (CoC).
Industries Affected
Direct Exporters & Trading Companies
These entities face immediate customs clearance risk: without valid SASO CoC backed by the dual certification, shipments will be rejected at Saudi ports. Impact manifests in delayed deliveries, rework costs, and potential contract penalties under Incoterms such as DAP or DDP.
OEM/ODM Manufacturing Firms (Especially China-based)
As primary certificate holders per SASO’s notice, Chinese OEMs bear full compliance responsibility—not just testing but documentation, internal ISMS implementation, and audit readiness. The 60-day deadline compresses timelines for gap assessment, remediation, and third-party audit scheduling, particularly where existing ISO/IEC 27001 scope excludes IoT device firmware or cloud backend components.
Certification & Testing Service Providers
Demand is rising for labs accredited to perform SASO IoT Security Framework V2.3 assessments—especially those with cross-recognition for ISO/IEC 27001. However, only SASO-authorized bodies may issue the final CoC. Non-accredited labs cannot substitute for official validation, creating a bottleneck for time-sensitive submissions.
Distribution & Brand Owners (Importers)
Brands relying on third-party OEMs must now verify certification status before purchase orders or inventory commitments. Lack of contractual clauses assigning certification ownership or cost allocation may expose importers to unplanned compliance liabilities—including product recalls or sales suspension if OEMs miss the deadline.
Key Actions for Stakeholders
Monitor Official SASO Communications for Interpretive Guidance
SASO has not yet published publicly accessible test protocols or acceptance criteria for the IoT Security Framework V2.3. Stakeholders should track SASO’s official portal and authorized notification channels for clarifications on firmware signing requirements, OTA update security, or data residency expectations—details critical for technical implementation.
Prioritize Devices with Cloud-Connected or Remote-Control Features
The notice explicitly names GPS collars and smart feeders—both typically cloud-dependent. Analysis shows devices involving remote command execution, biometric data handling, or persistent network connectivity are most likely within scope. Standalone Bluetooth-only devices may fall outside current enforcement focus—but this remains unconfirmed and subject to SASO’s discretion.
Distinguish Between Policy Signal and Operational Readiness
The May 4 notice is binding, but SASO’s capacity to process dual-certified CoC applications at scale remains untested. Observably, early applicants may encounter delays in CoC issuance even after passing audits—making it prudent to submit documentation no later than mid-June 2026 to avoid July bottlenecks.
Initiate Internal Alignment Across R&D, QA, and Regulatory Teams
ISO/IEC 27001 requires documented risk treatment plans, asset inventories, and incident response procedures—not just penetration testing. Current more suitable approach is to convene cross-functional teams now to map firmware update mechanisms, user authentication flows, and data encryption practices against both ISO/IEC 27001 Annex A controls and SASO V2.3 clauses.
Editorial Perspective / Industry Observation
This notice is less a standalone regulation and more a signal of SASO’s broader shift toward outcome-based IoT governance—where conformity hinges on demonstrable security outcomes, not just component-level testing. Analysis shows it aligns with Saudi Vision 2030’s digital trust agenda and mirrors tightening frameworks in UAE and Qatar, suggesting regional harmonization may follow. From industry perspective, it reflects growing regulatory expectation that consumer IoT vendors assume end-to-end accountability—from hardware design through cloud operations—even when outsourcing manufacturing. It is not yet a market-wide ban, but rather a hard deadline for formalized security governance—and one that treats certification as a prerequisite, not a post-market formality.
In summary, SASO’s May 4, 2026 notice establishes a concrete, near-term compliance threshold for smart pet device market access in Saudi Arabia. Its significance lies not in novelty—similar frameworks exist elsewhere—but in its enforceability timeline, explicit assignment of liability to OEMs, and integration of management system rigor (ISO/IEC 27001) with technical IoT controls. For stakeholders, it is best understood not as an isolated audit requirement, but as an indicator of accelerating regulatory convergence across Gulf Cooperation Council (GCC) markets—where cybersecurity compliance is increasingly non-negotiable, non-delegable, and non-deferrable.
Source: SASO Emergency Notice SASO/TECH/2026/089, issued May 4, 2026. Note: SASO IoT Security Framework V2.3 test methodology and authorized laboratory list remain pending public release; ongoing monitoring is advised.
Related Intelligence
![Malaysia SIRIM Updates Eco-Label Rules for Cosmetic Packaging]( "Malaysia SIRIM Updates Eco-Label Rules for Cosmetic Packaging")
Cosmetics & PkgMay 05, 2026Malaysia SIRIM Updates Eco-Label Rules for Cosmetic PackagingMalaysia SIRIM updates eco-label rules for cosmetic packaging: New MS 2685:2026 Annex D mandates ingredient-level bioplastic labeling — avoid 35% green tariffs!![ICTI ETP 2026 Requires Blockchain Labor Traceability for RC Toy Factories]( "ICTI ETP 2026 Requires Blockchain Labor Traceability for RC Toy Factories")
Electronic & RC ToysMay 05, 2026ICTI ETP 2026 Requires Blockchain Labor Traceability for RC Toy FactoriesICTI ETP 2026 mandates blockchain labor traceability for RC toy factories—learn how TrusTrace integration, deadlines, and compliance impact Walmart/Target suppliers.![Shopee Launches Baby & Maternity Health Whitelist in SEA]( "Shopee Launches Baby & Maternity Health Whitelist in SEA")
Nursery Furniture & MonitorsMay 05, 2026Shopee Launches Baby & Maternity Health Whitelist in SEAShopee’s Baby & Maternity Health Whitelist now requires CNAS-CPC certification for nursery furniture & baby monitors in Indonesia, Thailand, Vietnam — act now to avoid listing delays!![Korea MFDS: Beauty Device Li-ion Cells Require UN38.3 + KC 62133-2:2026]( "Korea MFDS: Beauty Device Li-ion Cells Require UN38.3 + KC 62133-2:2026")
Beauty DevicesMay 05, 2026Korea MFDS: Beauty Device Li-ion Cells Require UN38.3 + KC 62133-2:2026Korea MFDS now mandates UN38.3 + KC 62133-2:2026 for Li-ion cells in beauty devices—critical for exporters, suppliers & importers. Act before 1 Aug 2026!![Amazon Japan Removes Non-Compliant Baby Monitors (JIS T 2101:2026)]( "Amazon Japan Removes Non-Compliant Baby Monitors (JIS T 2101:2026)")
Nursery Furniture & MonitorsMay 05, 2026Amazon Japan Removes Non-Compliant Baby Monitors (JIS T 2101:2026)Amazon Japan removed non-compliant baby monitors lacking JIS T 2101:2026 certification and ≤0.3% AI false-alarm rate — act now to restore listings & avoid sales disruption.![Ningbo-Zhoushan Port Launches STEM Toy Green Lane]( "Ningbo-Zhoushan Port Launches STEM Toy Green Lane")
STEM & Educational ToysMay 05, 2026Ningbo-Zhoushan Port Launches STEM Toy Green LaneSTEM toy green lane launched at Ningbo-Zhoushan Port — fast-track ASTM F963-23 customs clearance for exporters. Save 2.3 days, boost U.S. shipment efficiency!![SASO Mandates Dual Cybersecurity Certification for Smart Pet Devices in Saudi Arabia]( "SASO Mandates Dual Cybersecurity Certification for Smart Pet Devices in Saudi Arabia")
Smart Pet DevicesMay 05, 2026SASO Mandates Dual Cybersecurity Certification for Smart Pet Devices in Saudi ArabiaSASO mandates dual cybersecurity certification for smart pet devices in Saudi Arabia—ISO/IEC 27001 + SASO IoT Security Framework V2.3. Act now to secure your CoC before June 1, 2026!![Vietnam Customs Launches AI Clearance for Baby Strollers]( "Vietnam Customs Launches AI Clearance for Baby Strollers")
Baby Gear & StrollersMay 05, 2026Vietnam Customs Launches AI Clearance for Baby StrollersVietnam Customs AI clearance for baby strollers launches May 2026—48-hour clearance if Vietnamese ASCII labels comply. Act now to avoid 5–7 day delays!![EN 14350-1:2026 Enforced: BPA Migration Limit for Children's Drinkware Reduced to 0.01 mg/kg]( "EN 14350-1:2026 Enforced: BPA Migration Limit for Children's Drinkware Reduced to 0.01 mg/kg")
Camping & WaterMay 05, 2026EN 14350-1:2026 Enforced: BPA Migration Limit for Children's Drinkware Reduced to 0.01 mg/kgEN 14350-1:2026 enforced: BPA migration limit slashed to 0.01 mg/kg for children's drinkware — urgent compliance action needed for EU market access.![FDA Tightens Microbial Migration Limits for Infant Feeding Utensils Effective May 4, 2026]( "FDA Tightens Microbial Migration Limits for Infant Feeding Utensils Effective May 4, 2026")
Infant Feeding & CareMay 05, 2026FDA Tightens Microbial Migration Limits for Infant Feeding Utensils Effective May 4, 2026FDA tightens microbial migration limits for infant feeding utensils to ≤10 CFU/cm² effective May 4, 2026—key update for exporters, manufacturers & labs. Act now!![Baby Digital Thermometer OEM: Certification Points That Shouldn’t Be Missed]( "Baby Digital Thermometer OEM: Certification Points That Shouldn’t Be Missed")
Infant Feeding & CareMay 05, 2026Baby Digital Thermometer OEM: Certification Points That Shouldn’t Be MissedBaby digital thermometer OEM certification can make or break market entry. Learn the key CE, FDA, testing, traceability, and quality control points to approve safer, more reliable suppliers.![Wholesale Baby Shoes: Size Planning Tips That Reduce Returns]( "Wholesale Baby Shoes: Size Planning Tips That Reduce Returns")
Baby Gear & StrollersMay 05, 2026Wholesale Baby Shoes: Size Planning Tips That Reduce ReturnsWholesale baby shoes size planning tips for travel retail teams: reduce returns, improve supplier alignment, and boost customer satisfaction across global sales channels.![Wholesale Baby Hooded Towels: What Makes a Set Feel Gift-Ready]( "Wholesale Baby Hooded Towels: What Makes a Set Feel Gift-Ready")
Corporate & Seasonal GiftsMay 05, 2026Wholesale Baby Hooded Towels: What Makes a Set Feel Gift-ReadyWholesale baby hooded towels feel more gift-ready when they combine soft, safe fabrics, coordinated packaging, and retail appeal—helping distributors boost margins and attract modern buyers.
