Business Wire

Quectel response to FCC about IoT module security

7.9.2023 16:03:00 EEST | Business Wire | Press release

Share

Quectel Wireless Solutions, a global IoT solutions provider, today commented on the recent letter and response being published by the FCC and the Select Committee of the US Congress questioning if Quectel’s IoT modules represent a potential security risk.

“We welcome the opportunity to work with the FCC and other U.S. government entities to demonstrate our compliance and best practice device security approach, says Norbert Muhrer, President and CSO, Quectel Wireless Solutions. “We are committed to contributing to the advancement of a smarter world by delivering best-in-class and secure products. This commitment is evidenced by our extensive device OEM customer base and our constant focus on providing our customers with the best and most secure modules in the industry.”

The Select Committee to the US Congress’ letter to the FCC had several misconceptions about how Quectel modules work. Quectel’s clarification regarding the statements made in the letter is as follows.

Committee letter: “Connectivity modules are typically controlled remotely and are the necessary link between the device and the internet.”

Quectel’s U.S. customers or their customers’ third-party suppliers/service providers handle device and data management exclusively. Firmware updates are managed and controlled by the device original equipment manufacturer (OEM), not Quectel.

Committee letter: “Serving as the link between the device and the internet, these modules have the capacity both to brick the device and to access the data flowing from the device to the web server that runs each device”

The control of Quectel modules resides with the microcontroller unit (MCU) or central processing unit (CPU) embedded within the customer's device. Quectel itself does not possess any control; instead, this authority rests solely with the OEM – the entity responsible for developing the device. Remote management of the device is achievable solely through the OEM's device management platform. A notable instance of this, referred to in the letter, is the widely covered case involving John Deere agricultural equipment, where just the OEM typically can disable the equipment by accessing and shutting down its own MCU’s controlling the machine.

Committee letter: “As a result, if the CCP can control the module, it may be able to effectively exfiltrate data or shut down the IoT device.”

Once Quectel modules leave the factory and are delivered to its customers, Quectel customers own the data, and Quectel has no access to any of the data collected. The ownership, control, storage, and modification of the data generated by IoT devices within the market firmly rest with the OEM device makers and its customers. Even in the rare cases outside of the U.S. where Quectel resells the connectivity service of a wireless carrier, Quectel does not have access to the device data.

Committee letter: “This raises particularly grave concerns in the context of critical infrastructure and any type of sensitive data.”

Applications that require high security, such as critical infrastructure, typically use private access point names (APNs) and other methods which strictly control and monitor network access. This can be used to control and monitor any data flowing to and from the device. Critical infrastructure is meticulously fashioned with a multi-tiered security approach defined and implemented solely by the device OEM, not Quectel.

The cellular industry is heavily regulated and requires intensive testing and accreditation. Carrier and regulatory certifications are executed by trusted third-party labs and carrier labs, assuring that the module complies with strict technical requirements. The Quectel modules have obtained certifications from the FCC, PCS Type Certification Review Board (PTCRB) and major carriers throughout the world, which underlines Quectel’s commitment to meeting rigorous industry standards.

In addition to cellular modules, Quectel also provides Wi-Fi, Bluetooth and GNSS modules and antennas. As a GSMA member, Quectel and its carrier partners comply with all cellular industry regulations and applicable standards to ensure that end customer data is securely transmitted between customer device and mobile network operator. Quectel does not have access to ANY of the device data.

Quectel is committed to delivering high-quality, best-in-class, secure modules and go above and beyond industry standard practices by conducting independent third-party cyber security audits. More recently Quectel also retained the security firm Finite State, which is auditing and penetration testing the security of its modules through rigorous security testing, improved software supply chain visibility, and comprehensive software risk management. Quectel is also participating in the formulation of new industry security certification standards, such as the CTIA Cybersecurity Certification Working Group and pursuing additional cyber security certifications from various U.S. entities as new standards are formulated and adopted.

Qualcomm manufactures the chipsets and software platforms that are at the core of the Quectel modules. “Our Qualcomm partnership underlines the importance we place on working with well-trusted and secure partners from across the ecosystem to deliver high-quality solutions globally,” Mr. Muhrer continues. “Quectel's impact on the global IoT industry is profound. We supplied millions of cellular modules to support the distribution of Covid-19 vaccines for leading U.S. and global organizations including Pfizer, Johnson & Johnson, and other leading suppliers of vaccines. This underscores our commitment to playing a pivotal role in critical global initiatives.”

About Quectel

Quectel’s passion for a smarter world drives us to accelerate IoT innovation. A highly customer-centric organization, we are a global IoT solutions provider backed by outstanding support and services. Our growing global team of 5,900 professionals sets the pace for innovation in cellular, GNSS, Wi-Fi and Bluetooth modules as well as antennas and services.

With regional offices and support across the globe, our international leadership is devoted to advancing IoT and helping build a smarter world.

For more information, please visit: www.quectel.com, LinkedIn, Facebook, and X (formerly known as Twitter).

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Media contact: media@quectel.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Quaise Energy Raises $134 Million in Initial Close of Series B to Build World’s First Superhot Geothermal Power Plant7.7.2026 15:01:00 EEST | Press release

Quaise Energy, a leading developer of utility-scale superhot geothermal energy, today announced the first close of its Series B financing, raising $134 million with additional equity and debt capital expected to close imminently. The round was led by Prelude Ventures, with strategic investments from JERA and Idemitsu, two of Japan's largest energy companies. Nearly all existing investors, including Safar Partners, participated in the round. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260707844187/en/ The proceeds from Series B will fund Project Obsidian, the world’s first commercial superhot geothermal power plant, and the continued development and commercialization of Quaise's millimeter wave drilling system towards depths in excess of 5 km. Project-level equity and debt financing is concurrently being raised as the company advances toward first revenues secured by yet-undisclosed commercial off-take partners. The Series

Biocytogen and Whitehawk Therapeutics Enter Global Collaboration for Bispecific Antibody ADC Development7.7.2026 15:00:00 EEST | Press release

Biocytogen (SSE: 688796; HKEX: 02315) and Whitehawk Therapeutics, Inc. (“Whitehawk,” Nasdaq: WHWK) today announced a global collaboration to develop bispecific antibody-drug conjugates (BsADC). Biocytogen will provide access to up to five bispecific antibodies using its proprietary RenLite® platform, and Whitehawk will evaluate these in combination with its ADC linker-payload platform technologies. Whitehawk then has the option to advance any resulting BsADC candidates as part of its pipeline. Based on a common light-chain design, RenLite® supports the discovery, screening, and optimization of fully human bispecific antibodies across diverse target combinations, while reducing the risk of light-chain mispairing and providing a robust molecular foundation for subsequent BsADC development. By bringing together the complementary capabilities of Biocytogen and Whitehawk, the collaboration aims to identify BsADC candidates with differentiated targeting profiles and therapeutic potential. “W

UMA Unveils Its Vision for the Next Generation of Humanoid Robots7.7.2026 15:00:00 EEST | Press release

At Machina Summit, UMA, a Physical AI company, unveiled the design of its first humanoid robot and introduced Real-Time Learning, a learning architecture that enables robots to acquire new skills through demonstration instead of manual programming. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260707215927/en/ The announcement comes as aging populations, industrial reshoring, and the energy transition place increasing pressure on labor markets across advanced economies. According to Korn Ferry, the global economy could face a shortage of 85 million workers by 2030, representing as much as $8.5 trillion in unrealized economic output. Against this backdrop, UMA is developing a new generation of intelligent robots built to assist people by taking on physically demanding, repetitive, or hazardous work. "Demographic, industrial, and environmental challenges all point to the same reality: societies need greater productive capacit

Bregal Milestone III Closes at its Increased Hard Cap of €915 Million7.7.2026 14:00:00 EEST | Press release

Bregal Milestone (“Milestone” or the “Firm”), a leading European software private equity firm, today announced the final close of its third fund, Bregal Milestone III (“Fund III” or the “Fund”), at its increased hard cap of €915 million. The Fund was oversubscribed and marks a significant broadening of the Firm’s global investor base. Completed in eight months from first close and achieved against a challenging fundraising environment, the result reflects the strength of Milestone’s AI-centric approach and demonstrable track record. Jan Bruennler, Philippe Lautenberg and Cyrus Shey, Co-Founders and Managing Partners at Bregal Milestone, commented: “Bregal Milestone III reflects strong conviction in our approach to investing in mission-critical European software, AI and cybersecurity businesses and helping them scale. We are thankful for the support and confidence shown by our limited partners, both longstanding and new, and remain focused on executing the strategy that has defined Mile

HTEC and Embotech Partner to Scale Deployment of Autonomous Driving Solutions for Industrial Logistics7.7.2026 13:39:00 EEST | Press release

HTEC, a global technology and AI engineering company headquartered in Silicon Valley, and Embotech, a global leader in safety-certified Level 4 autonomous driving solutions for industrial logistics, today announced a strategic partnership to scale deployment of Embotech's autonomous driving solutions across vehicle platforms, customer programmes and industrial sites. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260707870943/en/ HTEC, a global technology and AI engineering company headquartered in Silicon Valley, and Embotech, a global leader in safety-certified Level 4 autonomous driving solutions for industrial logistics, today announced a strategic partnership to scale deployment of Embotech's autonomous driving solutions across vehicle platforms, customer programmes and industrial sites. The partnership comes as Embotech’s proven autonomous driving solutions are being adopted across a growing number of vehicle platforms

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye