What is China’s B13 (IP-VPN) License and Who Needs One?

Companies providing Internet Protocol Virtual Private Network (IP-VPN) services in China, such as building private networks for enterprises, enabling secure remote access, or offering encrypted communication solutions, must obtain a B13 License, also known as the IP-VPN License or 增值电信业务经营许可证-国内互联网虚拟专用网业务 in Chinese. This comprehensive guide covers everything you need to know about the B13 License: its legal foundation, who needs it, the application process, and how to stay compliant with Chinese regulations.

What is the B13 (IP-VPN) License?

The B13 License, formally known as the “Domestic Internet Protocol Virtual Private Network Business License” (国内互联网虚拟专用网业务许可证) is a commercial operating license required for businesses that provide virtual private network services using TCP/IP protocols to create secure, closed user group networks over the internet in Mainland China. The B13 License is specifically designed for companies that build customized private networks for domestic enterprises and organizations requiring secure, encrypted data transmission.

The B13 designation refers to the specific category within the Ministry of Industry and Information Technology’s (MIIT) telecommunications business classification system, where “B13” represents “Domestic Internet Protocol Virtual Private Network Business” (国内互联网虚拟专用网业务).

This license serves as the government’s primary mechanism for regulating VPN operations, ensuring that businesses providing secure network services in China comply with local laws and maintain robust security and confidentiality standards.

What is the Legal Foundation of the B13 License?

As part of the Value-Added Telecommunications Services (VATS) or 增值电信业务, the Telecommunications Regulations of the People’s Republic of China (中华人民共和国电信条例) applies to the B13 License.

Article 7 of the Telecommunications Regulations establishes that all telecommunications businesses require a license:

“The State shall implement a licensing system for telecommunications businesses in accordance with the classification of telecommunications businesses. Telecom operators shall apply to the information technology administration department of the State Council or the telecommunications administration authorities of the province, autonomous region or centrally-administered municipality for a telecommunications business permit pursuant to the provisions of these Regulations. No organisation or individual shall engage in telecommunications business without obtaining a telecommunications business permit.”

Article 8 clearly states that there are two types of telecommunications businesses: basic telecommunications and value-added telecommunications.

“Telecommunications businesses are categorised into basic telecommunications businesses and value-added telecommunications businesses. Basic telecommunications businesses shall mean the businesses of providing public network infrastructure, public data transmission and basic voice communication services. Value-added telecommunications businesses shall mean making use of public network infrastructure to provide telecommunications and information services.”

Who Needs a B13 (IP-VPN) License?

The B13 License is required when providing domestic Internet Protocol Virtual Private Network services that create secure, closed user group networks for enterprises and organizations. According to MIIT’s Classification Catalogue of Telecommunication Services (2015), Domestic IP-VPN services refer to:

“the customized Internet closed user group network services provided for domestic users by the operators utilizing their own or leased Internet network resources and adopting the TCP/IP agreement. An Internet protocol virtual private network mainly adopts IP tunnels and other TCP/IP-based technologies, and provides a certain degree of security and confidentiality. In an Internet protocol virtual private network, encrypted transparent packet transmission can be realized.”

This therefore means that you will need a B13 License if your business revolves around any of the following:

IP-VPN Network Types:

• Remote Access VPN (远程访问虚拟网) – Providing secure remote access solutions for employees to connect to corporate networks from external locations. Used by enterprises with mobile workforce, remote offices, or work-from-home arrangements requiring secure access to internal systems
• Internal Enterprise VPN (企业内部虚拟网/Intranet VPN) – Building secure internal networks connecting different departments, offices, or branches within a single enterprise. Used for secure internal data transmission, resource sharing, and communication within corporate Intranets
• Enterprise Extension VPN (企业扩展虚拟网/Extranet VPN) – Creating secure networks connecting enterprises with partners, suppliers, distributors, or clients. Used for B2B data exchange, supply chain management, and collaborative business operations requiring secure external connectivity

Technical Implementation Methods:

• IP-VPN Services – Building VPN networks over the internet using IPSec, L2TP, SSL, and other protocols
• MPLS VPN Services – Constructing private networks using Multi-Protocol Label Switching (MPLS) technology through IP networks, providing enhanced quality of service and traffic management

Business Applications and Services:

• Private network construction (构建专用网络) – Designing and implementing customized secure networks for enterprise clients
• Remote access services (远程接入) – Enabling secure remote connectivity to corporate resources
• Encrypted file storage (加密文件存储) – Providing secure, encrypted storage solutions within VPN infrastructure
• Online behavior management (上网行为管理) – Managing and monitoring internet usage within enterprise networks
• Firewall services (防火墙) – Implementing network security and access control
• Network acceleration (网络加速) – Optimizing network performance within VPN connections
• Traffic management (流量管理) – Managing and prioritizing network traffic flow
• Load balancing (负载均衡) – Distributing network loads across multiple servers or connections

It is important to note, any business that builds or operates virtual private networks for domestic enterprise clients, provides secure remote access solutions, or creates closed user group networks using TCP/IP protocols will require a B13 License.

What are the Basic Requirements to Apply for the B13 License?

Obtaining a B13 License requires meeting specific ownership, operational, and infrastructure requirements set by MIIT.

Ownership Structure

Foreign ownership limits vary by region:

Pilot Regions: According to the Ministry of Industry and Information Technology’s Notice on Launching Pilot Work for Expanding Opening Up of Value-Added Telecommunications Services (工业和信息化部关于开展增值电信业务扩大对外开放试点工作的通告) , as of April 8, 2024 Beijing, Shanghai, Hainan, and Shenzhen have eliminated foreign capital restrictions for certain VATS businesses. However, IP-VPN services are not included in the pilot program liberalization. Foreign investment restrictions remain in place nationwide for B13 licenses.

All Regions: According to the Administrative Measures for Foreign-Invested Telecommunications Enterprises (外商投资电信企业管理规定), foreign-invested enterprises are restricted to 50% foreign capital maximum for IP-VPN services. Foreign companies must establish a joint venture (JV) structure with a Chinese partner holding at least 50% equity or collaborate with a Chinese partner such as AppInChina.

Domestic companies face no ownership restrictions and can operate with 100% Chinese ownership nationwide.

Company Requirements

• Your company must be legally established under Chinese law with “Value-Added Telecommunications Business” (增值电信服务) and specifically “Domestic Internet Protocol Virtual Private Network Business” (国内互联网虚拟专用网业务) explicitly listed in your business scope.
• You need minimum registered capital of CNY 1 million for provincial operations or CNY 10 million for cross-provincial operations.
• The company and its key personnel must have clean records with no telecommunications violations in the past three years and cannot be included in the list of dishonest telecommunications business operators.

Technical Infrastructure

• VPN network infrastructure must demonstrate capability for secure tunnel creation, encryption, and authentication using TCP/IP-based technologies such as IPSec, L2TP, SSL, or MPLS.
• Network architecture must demonstrate capability for building closed user group networks with appropriate security controls and access management.
• Technical plans must demonstrate VPN functionality, security protocols, encryption methods, network topology, and service level agreements.
• A cybersecurity department with supporting internal regulations is mandatory, including network security monitoring, incident response procedures, and data protection measures.

Companies must ensure compliance with data localization regulations, implement robust encryption for data transmission, and maintain secure access control systems. VPN services must also comply with the Data Security Law (数据安全法) and Personal Information Protection Law (个人信息保护法) requirements regarding data transmission and storage. Companies providing VPN services involving cross-border data transmission must additionally apply for Cross-Border Data Transfer Security Assessment (数据出境安全评估) as required by relevant regulations.

Personnel Requirements

• You need at least 3 Chinese employees with social security (社保) records covering 1 month from your company for the application materials.
• Technical staff with relevant qualifications in network engineering, VPN architecture, security protocols, and cybersecurity are required.
• Some regions mandate at least one IT-related professional with recognized certifications or degrees in computer science, network engineering, cybersecurity, or related fields.

Foreign Enterprise Requirements

Foreign-invested enterprises face additional requirements:

For all foreign-invested enterprises:

• Your legal representative must be a Chinese national or permanent resident.
• You must demonstrate VPN operational experience through network architecture diagrams, security protocol documentation, service contracts, and implementation case studies.

Additional documentation required for foreign enterprises:

• Foreign Investment Security Review Decision (《外商投资安全审查决定书》)
• Foreign shareholder overseas registration certificates with notarization and authentication
• Articles of association showing foreign investment structure (maximum 50% foreign ownership)
• Proof of foreign investor’s financial stability and business qualifications

It is worth noting, companies providing VPN services for cross-border data transmission may need to comply with additional data security and cross-border data transfer regulations.

Technical Evaluation Requirements

Companies applying for B13 licenses must pass evaluation for required business management systems.

Required Systems for Evaluation

The specific systems required for B13 IP-VPN license evaluation typically include:

1. Network Security Management System – Required for monitoring and managing security across VPN infrastructure
2. Access Control System – Required for managing user authentication and authorization
3. ICP/IP Address/Domain Name Filing System – May be required depending on specific business operations

Companies should verify the exact system requirements with their local Communications Administration as requirements may vary by region. These evaluations are provided free of charge by designated evaluation agencies.

How to Apply for the B13 (IP-VPN) License

The B13 License application process is administered through regional telecommunications authorities under MIIT oversight. The process is complex and typically takes 30-60 business days from initial submission to final approval, though complex applications or requests for supplementary materials may extend this timeline. Depending on the scale of your operations, the authority managing your application will differ:

Provincial Operations: Approved by the Provincial Communications Administration Bureau (省通信管理局) where the company is registered.

Cross-Provincial Operations: Must apply to the Ministry of Industry and Information Technology (国家工业和信息化部).

Major filing authorities include:

• Shanghai Communications Administration (上海市通信管理局) for Shanghai
• Beijing Communications Administration (北京市通信管理局) for Beijing
• Guangdong Communications Administration (广东省通信管理局) for Guangdong
• Shenzhen Communications Administration (深圳市通信管理局) for Shenzhen

Step 1: Material Preparation

Confirm enterprise qualifications meet requirements and prepare all application materials organized by category: main qualifications, personnel materials, technical documentation, security plans, and network architecture.

Step 2: Online Submission

Access MIIT’s Telecommunications Business Market Comprehensive Management Information System (电信业务市场综合管理信息系统). Complete and submit application forms, uploading all materials in PDF format.

Step 3: Material Review

MIIT’s local Communications Administration conducts initial formal review followed by substantive review. Some regions may request supplementary materials. Total typical review period is 30 to 60 business days.

Step 4: On-Site Inspection

Authorities may conduct inspection of network infrastructure, verification of technical personnel, review of security protocols and network architecture, and assessment of operational capabilities and systems.

Step 5: Approval Decision

Upon approval, the B13 License is issued with results notified via SMS and email. Rejections include specific reasons for non-compliance that must be addressed before resubmission.

Step 6: Certificate Collection

Choose on-site pickup or mail delivery. The certificate is valid for 5 years and requires renewal before expiration. Finally, to remain compliant with local laws and regulations, companies are required to display the B13 License number provided on the certificate on their website.

Important Renewal Requirements: Companies must apply for renewal 90 days before expiration and submit all complete materials at least 30 days before expiration, otherwise renewal will not be granted and this is considered automatic abandonment of renewal. Failure to renew on time may result in being listed on telecommunications bad faith lists.

The entire process generally takes 30 to 60 business days (approximately 2 to 3 months) from submission to approval. Complex applications involving large-scale infrastructure or additional documentation requests may extend this timeline.

What Documents are Required for Application?

• Company Documents – Business license (营业执照) with telecommunications scope (增值电信服务) and IP-VPN business scope (国内互联网虚拟专用网业务), company articles, legal representative ID (法人代表身份证) with photo, and shareholder identification.
• Personnel Documents – Social security certificates for at least three employees covering one month, technical staff educational certificates and certifications where required, and employment contracts.
• Business Materials – License application form, business development plan, technical solution demonstrating VPN capabilities including security protocols and encryption methods, network architecture diagrams, data security assurance plan, and operational procedures.
• Infrastructure Documents – Network topology diagrams showing VPN infrastructure, security protocol documentation (IPSec, L2TP, SSL, MPLS specifications), equipment lists with specifications, access control system documentation, and encryption implementation details.
• Compliance Documents – Cybersecurity department establishment records, data protection regulations and procedures, incident response plans, operational security policies, and commitment letter for lawful telecommunications business operations (signed and stamped).
• All copies must be stamped with your company seal. Foreign language documents require certified Chinese translations. Requirements will vary by province. Due to the complexity of this process, it is recommended you work with a partner that is familiar with this process, such as AppInChina. This will not only reduce application delays, but will also increase the likelihood of the application being successful.

What Are the Consequences of Operating Without a B13 License?

Operating telecommunications or internet-based VPN services in China without a valid B13 License directly violates Chapter 6 of the Telecommunications Regulations of the People’s Republic of China (中华人民共和国电信条例) and carries significant legal and operational risks:

• Criminal liability for serious offenses such as unauthorized network operations or security violations.
• Administrative penalties including warnings, rectification orders, and confiscation of illegal gains.
• Fines calculated as 3 to 5 times the amount of illegal income; if there is no illegal income or it is less than CNY 50,000, fines ranging from CNY 100,000 to CNY 1 million will be imposed.
• Business restrictions including suspension of operations, forced shutdown of VPN services, or revocation of telecom permits in severe cases.
• Blacklisting of the entity and key personnel, preventing future telecommunications business operations.
• User-focused remedies such as mandatory service migration support, apologies, and compensation for service disruptions or losses.
• Additional liability for companies and approval agencies if services are carried out during the application process before license approval.

It is critical to note that you cannot operate VPN services while your B13 License application is pending. Both your company and the approval agency will face penalties if unlicensed operations are discovered during the application period.

How Can AppInChina Help?

Navigating China’s B13 license requirements demands specialised expertise and a local entity. We can help with: 

• Compliance Assessment. We provide a free assessment of your solution to determine which licenses you require, which may include the B13 License and other licenses, filings and certificates. Based on this we will confirm what options are available to you.
• Publishing. AppInChina can obtain the B13 License on your behalf and publish your solution under our company. 
• License Application. If you’re trying to obtain the B13 License for your wholly foreign-owned enterprise (WFOE) in China then we can advise you on this process. 

Contact us to book an initial call and begin your entry into the Chinese market.