Vietnam’s Ministry of Industry and Trade (MOIT) issued Circular 12/2026/TT-BCT on May 8, 2026, mandating stricter import inspections for biometric readers effective July 1, 2026. The update introduces a new mandatory test — Presentation Attack Detection (PAD) per ISO/IEC 30107-3:2025 — targeting spoofing vulnerabilities including printed photos, 3D masks, and video replay attacks. Exporters, especially Chinese suppliers, must now ensure third-party PAD certification prior to shipment. This development directly affects biometric hardware exporters, importers, distributors, and system integrators serving the Vietnamese access control and identity verification markets.

Event Overview

On May 8, 2026, Vietnam’s Ministry of Industry and Trade (MOIT) published Circular 12/2026/TT-BCT. Starting July 1, 2026, all imported biometric readers entering Vietnam will be subject to enhanced random inspection. A new mandatory requirement — compliance with ISO/IEC 30107-3:2025 for Presentation Attack Detection (PAD) — has been added. Products failing this test will be denied customs clearance. The regulation explicitly requires third-party testing against common presentation attacks, including printed images, 3D facial masks, and video replay attempts.

Industries Affected by Segment

Direct Exporters and Trading Enterprises

Companies exporting biometric readers from China or other jurisdictions into Vietnam face immediate compliance risk. Since PAD testing is now mandatory for customs clearance, shipments without valid third-party test reports will be held or rejected. Impact includes delayed deliveries, increased pre-shipment costs, and potential contract penalties if delivery timelines are missed.

Manufacturers and OEM/ODM Suppliers

Manufacturers supplying biometric readers to export-focused trading firms must adapt product design and firmware to meet ISO/IEC 30107-3:2025 PAD requirements. This may involve integrating liveness detection algorithms, upgrading optical sensors, or modifying illumination systems — changes that affect time-to-market and BOM cost. Non-compliant legacy models may no longer be eligible for Vietnamese market entry.

Distributors and Channel Partners in Vietnam

Local distributors handling imported biometric readers must verify PAD certification status before warehousing or resale. Inventory already in-country prior to July 1, 2026, is not retroactively affected, but new stock arrivals will require documentation review. Failure to validate compliance may expose distributors to regulatory liability and loss of MOIT-recognized importer status.

System Integrators and End-User Solution Providers

Integrators deploying access control or identity verification systems in Vietnam must confirm PAD compliance of all reader components used in projects. Procurement specifications may need revision to include PAD test report submission as a contractual condition. Projects tendered after July 1 may require certified devices to pass client audits or government procurement reviews.

Key Focus Areas and Recommended Actions for Stakeholders

Monitor Official Implementation Guidance

While Circular 12/2026/TT-BCT is in force, MOIT has not yet published detailed implementation guidelines — such as approved testing laboratories, report format requirements, or validity period of test certificates. Stakeholders should track MOIT’s official portal and Vietnam Customs notifications for updates, particularly ahead of the July 1 enforcement date.

Verify Third-Party Testing Capacity and Turnaround Time

Not all accredited labs currently offer ISO/IEC 30107-3:2025 testing; capacity is limited, and lead times may extend beyond four weeks. Exporters should identify and engage qualified labs early, prioritizing those recognized by Vietnam’s Standards and Quality Institute (STAMEQ) or listed under MOIT’s designated conformity assessment bodies.

Distinguish Between Regulatory Signal and Operational Enforcement

This circular signals Vietnam’s broader shift toward aligning biometric device regulation with international security standards. However, initial enforcement may focus on high-volume or high-risk imports (e.g., government tenders, large-scale infrastructure projects). Routine commercial shipments may undergo phased ramp-up in inspection frequency — making early compliance preparation strategic, not merely reactive.

Update Supply Chain Documentation Protocols

Export documentation packages must now include PAD test reports alongside existing technical files and Declaration of Conformity. Logistics teams should revise internal checklists and coordinate with freight forwarders to ensure reports accompany shipping documents. Inconsistent or incomplete submissions are likely to trigger customs delays regardless of product compliance.

Editorial Perspective / Industry Observation

Observably, this measure reflects Vietnam’s increasing emphasis on cybersecurity resilience in physical access infrastructure — especially as national digital ID programs expand. Analysis shows it is less an isolated trade barrier and more a coordinated step aligned with ASEAN’s emerging harmonization efforts on biometric device assurance. From an industry perspective, the introduction of ISO/IEC 30107-3:2025 as a gatekeeping requirement suggests Vietnam is treating biometric readers not as generic electronics, but as critical security components requiring verifiable anti-spoofing capability. It is currently best understood as a regulatory signal with near-term operational impact — one that sets precedent for future requirements on AI-based liveness detection or continuous authentication features.

This circular marks a material shift in market access conditions for biometric hardware in Vietnam. Rather than representing a temporary adjustment, it signals institutional adoption of internationally recognized security benchmarks for identity verification devices. Current stakeholders should treat it as a structural change in compliance expectations — not a one-off inspection enhancement. Preparation is advisable not only for Vietnam-specific shipments, but also as a benchmark for anticipating similar requirements in other ASEAN markets undergoing digital identity modernization.

Source: Vietnam Ministry of Industry and Trade (MOIT), Circular No. 12/2026/TT-BCT, dated May 8, 2026. Official text available via MOIT’s legal database at https://moit.gov.vn. Note: Detailed implementation procedures, including list of authorized testing bodies and report submission protocols, remain pending publication and are subject to ongoing monitoring.