Smart tech is the smart choice so long as it’s well-engineered

A few weeks ago, we learned about Amazon’s ambitious plans for Amazon Key. Amazon Key is a solution that allows Amazon delivery people to leave packages inside the home rather than outside the door. They do this by converting traditional door locks to smartlocks, which can be accessed by Amazon when needed. A camera is included to monitor the drop offs. I expect that Amazon has done their market research; They know that some consumers will prefer the risk of giving Amazon access to their home over the risk that packages could go missing. Additionally, the service avoids the inconvenience of having to wait at home for deliveries  This is the same tradeoff between operational efficiency and security that Sera4 solves for industrial infrastructure.

Smartlock security was put to the test at last year’s DEFCON conference, where hackers try to break security. Twelve out of sixteen tested smartlocks were hacked within 15 minutes using simple digital equipment. I had hoped that this would send a message to our industry to take security more seriously. Unfortunately, Amazon’s newly-released smartlock system has already been hacked. Although the current vulnerabilities don’t show how to unlock someone’s house without authorization, the security holes destroy trust in the video surveillance that is a core component of the Amazon Key system. I don’t feel confident to put this on my front door. I doubt anyone wants a lock on their house that let hackers walk in, no matter how “smart” the feature list appears.

Designing secure smartlocks is not easy. It requires both physical security and logical security. People have been designing for physical security for centuries. We’ve largely figured out how to do that. Designing for secure wireless control is a new area, where many designers are still just learning. It’s not surprising that they overlook things.  Security is Sera4’s specialty. Since we don’t aim to get our products in residential front doors, I hope that someone else brings secure residential smartlocks to market soon. If not, adoption is going to be very slow, or we’re going to have a lot of unexpected burglaries in the near future.

Sera4 Confirmed to Exhibit at MWC 2018

Sera4 is excited to share that we will be exhibiting in Hall 7 at the upcoming Mobile World Congress in Barcelona. MWC is the world’s largest gathering for the mobile telecom industry and takes place February 26 – March 1, 2018.

The Eternal Struggle: Security versus Efficiency

It is a struggle we all know well, we need to decide whether we want to be efficient or secure. Of course in an ideal world it won’t be choice between the two, however it often is. Even something as simple as working with a contractor when you aren’t available can be difficult.

There are a few options, none of which are ideal;

  • You make sure someone is always around or available – secure but time consuming and inconvenient
  • You make a key copy to give to them – efficient, less secure, and then you still need to keep track of that extra key. In many cases you can’t make copies of security keys.
  • You leave your key somewhere – efficient but not safe as anyone could find it, and then you need to worry about how to get it back so you can access the site.

This is also if there is only one level of security, looking at more secure sites with multiple layers you get further inefficiencies. People lose their keys and access cards, and forgo security measures all the time. Reissuing key cards is time consuming and having to rekey multiple sites is expensive. On top of that when something takes 30 seconds without security but takes 10 minutes with security measures, you can guess what a lazy or malicious employee will eventually do.

There is also the added issue that unless someone is always around you have no idea who is coming and going. You also have no idea if they secure the site, when they leave, or how long they stayed. As a result you are losing time and money no matter what option you choose. If you make it too easy to access people can hack into the system and remotely open locks. When none of the options are great it can be difficult to justify spending a lot to receive so little peace of mind in return.

At Sera4 our goal is to eliminate this struggle through modern technology, and to do it for remote infrastructures that face harsh or unique environments. Every time the lock is opened or closed it is recorded in an audit log so you can keep track of exactly who has been where and for how long. Users can reset their own passwords if they forget, the app is password-protected in case your phone gets lost or stolen, and you can only see and open locks if you are near the locks. We provide a platform that works with whatever phone you already have, and doesn’t allow remote access. We believe that anyone opening a lock should be physically present at the lock, just like with a traditional key. Our architecture choice to only open locks on short-range wireless connections radically reduces the risk of a hacking threat without affecting the practical use of a Teleporte system.