The PSTI Act regulates the supply of certain internet-connective devices and its main purpose is to ensure that these devices are protected from the risk of cyberattacks and security vulnerabilities.
These requirements apply to all manufacturers, importers and distributors. giffgaff is required to ensure that all giffgaff devices meet the following requirements:
We must ensure that any pre-installed password is unique or otherwise capable of being chosen by the user of the product.
We must inform users as to where they can go to report security issues with their product.
We must provide users with information regarding the minimum length of time during which their product will receive security updates
We must produce and ensure that each product is accompanied by a statement of compliance, which contains prescribed information.
However, PSTI does not cover:
giffgaff cannot provide security updates or support for third-party apps or services that you may install on your device.
giffgaff is not responsible for any security issues resulting from actions you take (e.g., downloading untrusted apps, using weak passwords, etc.).
If you use a third-party device with our network, security updates and support
for these devices are subject to the manufacturer's policy, and giffgaff cannot
guarantee the availability of security updates for these devices.
What products does giffgaff supply that are covered by the PSTI Act?
Smart phones
How to report security vulnerabilities to giffgaff
If you believe you have discovered a security vulnerability in any devices
manufactured or supplied by giffgaff, we encourage you to report it to us as quickly as possible. To report any security vulnerabilities, or if you have any issues with your mobile devices, please send an email to our Member Relations team at PSTI@giffgaff.com.
When reporting a vulnerability, please include as much detail as possible to help us address the issue promptly and efficiently.
How do I find out about security updates for my new device?
The duration for which your device will receive security updates is determined by the manufacturer. They will provide these updates in order to ensure that your device remains protected against potential vulnerabilities, such as viruses and malware. Most new devices will receive security updates for up to 2 years from the date of purchase or activation.
How do I find out about security updates for my refurbished device?
If you purchase a refurbished device from giffgaff, it may have been previously owned and could have a different security update schedule compared to new devices. The following applies to refurbished devices:
The device may be subject to a reduced or limited period of security updates.
giffgaff will clearly communicate the expected security update period for refurbished devices before purchase, so you can make an informed decision.
Refurbished devices may not be eligible for the same level of customer support or warranty as new devices, depending on their age and condition.
All connectable products provided by giffgaff are compliant with PSTI regulations. Choose the manufacturer for your product to find out more.
Mobile devices