The case against Remote Unlock

Every now and again we are asked the question “can we remotely unlock things with Teleporte?”  We understand where the question comes from. Most IoT devices are focused on remote sensing or control from a distance. Smart devices allow you to do things like set your home’s temperature from the other side of the world. It’s easy to assume that smart locks should behave in a similar way.

We often get asked to include this feature but we have purposefully built Teleporte so that a person is required in the physical presence of the device. We wanted to render unlocking something remotely from a command center impossible. And it is important for you, our customers to understand why.

Practical Risks

First, we do allow you to remotely enable a user, so there is no argument for someone new or unexpected needing access. In what situation then would you want to release a lock without an individual there? We can’t think of a practical scenario. Having someone on-site means that when the lock is opened the asset is being watched the whole time. Someone can close a gate behind them, reducing the time an asset is not secured. And most importantly, a person on-site can lock up again. Many locks are designed to fall or pop open when unlocked, and without someone there to close them, a remote unlock function would not guarantee a corresponding and critical lock function. 

Second, you don’t just want anyone on site when access is granted: you want to know who is getting in. With a remote unlock, there is little guarantee that the person going into a site is the one who is supposed to be. Smartphones are actually very sophisticated to identify a user with passwords and biometrics and their location with GPS. A local virtual key is much more reliable than a remote unlock process.

Cybersecurity

Finally, we want to mitigate the risks of hacking and cybercrime. In 2019, artificial intelligence designed and carried out more cyberattacks than people did. The attacks are getting more sophisticated. At Sera4, we use the best cybersecurity practices, but no one can predict everything.  If there is a logical path to remotely unlock something, there is a risk that it will happen; be it a sophisticated hacking attack or something as innocent as an error in an API integration. Imagine the catastrophe if the locks on a critical infrastructure network were all remotely opened at the same time. We designed Teleporte to ensure that this is impossible. 

We appreciate the excitement around technical feasibility and fancy features such as remote unlock, but every feature comes at a cost. Our goal is to the safety and security of our systems first, ensuring less risk and more reliability to you.

Go Keyless

It may not be apparent at first glance: going keyless is about a lot more than just not having to carry around a key or a fob. It’s about added security, new concepts of control, smarter operations and reporting. 

When we say “go keyless”, we mean abandoning any physical thing that controls access rights. That means no keys, no access cards, and no fobs. The keys are virtual; digital tokens stored in smartphones and automatically transmitted over the air.

Control

Virtual keys afford greater control over who has access to your assets. Keys can be granted to or revoked from people who aren’t physically present. Virtual keys can do things that ordinary keys can’t, like only permit access within a time window or limit the number of times they can be used. And with virtual keys, they can be automatically given many people in a service team and to many sites at once. These things would be impossible or very cumbersome with traditional keys.

Security

Despite first impressions and consistent news about poorly-executed smartlock designs, virtual keys can be more secure than physical keys. Imagine how we all do internet banking today. At Sera4, we use the same security principles and architectures to keep the same levels of reliability, security and scale. Where physical keys can be mechanically cloned, it is much harder to hack a digital certificate. Physical keys can be passed from person to person, or misplaced and picked up by strangers. Even more relevant is that virtual keys identify the user, which provides a lot of practical security. Many fewer people will brazenly steal from a site when they know they are being identified in real time.

Information

When business sites go keyless, they get automatic real time access logs. This can greatly reduce the cost of security protocols or even compliance with standards like ISO 9001. The data that comes back is already digital, more accurate and more detailed than traditional paper logs. Businesses should be analyzing this data routinely to identify waste in their processes and optimize their operations. Profiling site accesses can yield valuable insight about where contractors are not doing their jobs. Imagine a contractor that has billed to do a job that will take at least 2 hours, but the access logs show them on site for only 3 minutes.

Convenience

Most people will not forget their phone at home. Their car pairs with it and it’s clear when it’s missing. So many life functions depend on it. A physical key or card can be left at home without a thought until the moment it’s needed. So much truck roll is saved by not having to drive to get keys, either ones forgotten or fetching them from a depot. Virtual keys are with you whenever you need them!

And, of course, going keyless is also about the convenience. I used to go out with a wallet, a phone and a keyring. Then the wallet was absorbed into the phone with services like Apple Pay. Now, the keyring is also absorbed, and my pockets thank me. What I like best is when I need to get into a lock that wouldn’t have been on my physical keyring. Contact us to learn more about how friendly the future can be.

BIAS against Bluetooth

Another vulnerability of the Bluetooth security stack has been revealed this week: Bluetooth Impersonation AttackS (BIAS).

Unfortunately, this highlights another concern with the Bluetooth stack and is, in-part, due to the wide range of devices and configurations that Bluetooth has to support. The suggested remedy is for “the Bluetooth SIG [to update] the Bluetooth Core Specification”. (Source: bluetooth.com)

All this implies it will be up to chipset vendors to find and work around the problem in the interim.

Credit: The Hacker News tells us more …

The biggest risk is likely to be against mobile devices (mobile phones and laptops). Previously-paired devices can no longer be trusted. i.e. you could be communicating with a bad actor (impersonator).

As a word of caution: other Bluetooth-enabled smart locks and mobile software solutions may incorporate this same flaw. This would allow you to pass the digital keys to the wrong device: A “man-in-the-middle” attack.

Rest assured: Teleporte relies on digitally signed certificates to ensure that communications are encrypted. Only true Sera4 locks or lock controllers have the decryption key. All this happens without using the Bluetooth security stack — so access to your Teleporte locks remains secure and unaffected by BIAS.

Don’t Call Us, We’ll Call You (Webhooks Are Here)

With every security component added into a critical infrastructure, comes the inherent need for information, automation and control. As the number of critical components in your infrastructure grow, so does complexity and the necessity to stream information as it happens. Integrators and clients are now looking to being on the receiving end of data in real time in order to provide critical dashboard updates. We’ve listened and we’ve delivered.

With Teleporte Cloud server 3.5, we have added a critical component to our API capabilities: the concept of webhooks. In a “don’t call us, we’ll call you” manner, Teleporte Cloud is now capable of calling your secure endpoint with real-time data concerning events that are happening inside your system. Webhooks are to APIs as fuel is to a fire; they can ignite your integrations and get your organization on the receiving end of updates as they happen. Remember, polling APIs is so 1990’s, go real-time by enabling webhooks.

To better understand what the difference between an API and Webhooks are, consider this simple analogy:

APIs are request based. They are useful for pulling data on demand.
Webhooks are event-based. They are useful for receiving critical events when they happen.

API + Webhooks = Complete Automation Capabilities

Teleporte Cloud now supports webhooks that can be configured for updates to important events (such as the creation or deletion of digital keys), access requests to locks and even the creation, deletion or update of system users. As an example, if you’re looking to know that ‘administrator X with email [email protected] created a digital key to lock 21, on site B that is valid from Tuesday at 9am to Tuesday at 5pm’ as it happens, then webhooks are your holy grail! Get on top of and react quicker to events happening in your infrastructure by enabling webhooks.

Feel free to ask us about our Slack integration. Our webhooks support Slack out of the box and can have your team seeing the benefits of webhooks within seconds.

Get more details about webhooks at https://apidocs.sera4.com or contact us to discuss how you can get webhooks working for you.

High-Security Keyless

In protecting your assets, there is always a tradeoff between convenience and security. For example, when you go into your office every day, you want to get in through the main doors without any delay.  But when the asset requires the highest security,  added rigour such as additional security checks are necessary.

The vault application is a good example of how keyless solutions are catching up with old standards for addressing high-security requirements.

  • Vaults often include locks whereby 2 keys are required and placed more than 6 feet apart. Two individuals, each of whom have their own unique key, must open the lock at the same time for the door to open. This approach prevents a single rogue actor from opening a door when they do not have authorized access
  • Another high-security standard opens a door after several minutes of unlock delay. This delay, connected with alarms, is a strong deterrent for criminals. They know that law enforcement will be coming while they are waiting for the door to open.

Bringing these features to Keyless

Sera4 has released Teleporte Cloud server 3.5 and Teleporte Mobile application 5.2. All Teleporte Enterprise customers now have access to high-security protocols to match the use cases above. 

  • The new Multi-Authentication Unlock feature requires two or more users to unlock a lock. Each user has their own key for that one lock and each user must issue the unlock command to the same lock. The lock only opens after all required users try to open the lock on their own account.
  • The new Delayed Open feature can be enabled on a lock-by-lock basis. The administrator can configure the delay. When someone unlocks a Sera4 lock in the Teleporte Mobile application, it will open only after the specified delay.

At Sera4, we envision a fully keyless world. With these innovations, we bring keyless benefits to the highest-security applications, such as vaults. We expect that there will be many applications for these new features that we haven’t even imagined yet.

For more information on the available features on the Teleporte Cloud server, click here. Or simply and contact us to arrange for a demo. We’re excited to show off our latest innovations.

Questioning Smart Lock Security

The benefits of installing a keyless smart lock to replace the physical key and cylinder include:

  • Identity: the removal of anonymity from each person that unlocks the assets you protect
  • Security: keyless smart locks do not have an external locking mechanism — fewer ways to defeat the lock
  • Data: the records of “who”, “when” and “where” and even “why” the smart lock was opened

While it is easy to understand these benefits, it can be challenging to understand the complexity of keyless smart lock security.

Ars Technica, The Register, and threatpost all highlight the problems that can occur when basic security measures in the domains of physical, transport, embedded, and cloud security are not addressed.

As an Enterprise Security focused company, Sera4 strives to educate everyone about the benefits of smart locks and keyless access control. We want you to understand the differences between a locking mechanism that can be opened with a phone and a complete cyber-secure platform that provides a set of tools to help secure and protect your assets.

The Four Domains of Keyless Smart Lock Security

When investigating a keyless access control solution, we encourage you to identify the following concerns and ask the right questions.

  1. Physical Security: the aspects that prevent theft or vandalism due to the hardware’s shape, size, and installation
    • Concern: Keyless smart lock hardware is perceived to be expensive and can disappear as fast as it is installed. Securing the theft of keyless smart lock hardware itself may be critical to your security program.
    • Example: Company XYZ installs a keyless smart lock. One week later after arriving on site, a user finds the door open, and the lock is missing entirely. The user can’t even secure the site before he leaves.
    • Question: Does your keyless smart lock provide options to install securely to the structure, preventing theft of the keyless smart lock itself?
  2. Embedded Security: the software that ensures data security and integrity within the keyless smart lock and the mobile device
    • Concern: Keyless smart locks need to track the time and date to allow and disallow users access within the desired time frame.
    • Example: User arrives on site, a day after his digital key expired. The user turns off his mobile radios, changes the date on his phone, and attempts to open the lock using his digital key from yesterday.
    • Question: How do you ensure timely access that isn’t dependent on the mobile device for date/time?
  3. Transport Security: the protocols and algorithms that ensure identity, digital keys and access logs are safely and securely transferred between lock, mobile device and the Cloud
    • Concern: Even using secure transport protocols, mobile devices transfer and store digital keys – exposing them to modification.
    • Example: User downloads digital keys onto his phone. User can root his mobile device, change the details of a digital key, e.g. user and time of access. User still has the code to get in, but the logs record a different user, and at a different time.
    • Questions:
      • Does a digital key incorporate the user, time, and permission to access the keyless smart lock?
      • Can the integrity of all three be assured and verified by the keyless smart lock before access is permitted?
  4. Cloud Security: the hardware and software components that allow the ubiquitous access of users, and prevent hackers from getting in to steal data or to provide unauthorized access
    • Concern: Compliance with global privacy laws imply responsibility to protect people’s information.
    • Example: Users access their account information at: https://(somewebsite.com)/user/1234. User manipulates the web address to: https://(somewebsite.com)/user/4567 and views the information of another user.
    • Questions:
      • How do you protect user information from others?
      • Do you understand and implement the concepts of Security by Design, Privacy by Design and RBAC (Role based access control)?
      • Are you compliant with country specific privacy laws (e.g. GDPR, LGPD, PIPEDA, CCPA)?
More Information

Learn more about how Sera4 addresses these questions and concerns:

AP3 Fact Sheet
Sera4 Embedded Security Fact Sheet

As always, feel free to Contact Us to ask any other questions you might have!

Deploying Teleporte during the pandemic

The COVID-19 pandemic is the biggest adjustment in business operations in a generation. Authorities worldwide are asking everyone to stay home or to maintain a social distance from others if we need to go out. No one knows how this situation will evolve, how long until we get a vaccine, and what permanent effects will persist in a “new normal”.

At Sera4, while we can’t practically retool to make facemasks, we can help with social distancing and help to monitor remote sites when technicians visit less frequently. Teleporte’s keyless infrastructure means that you grant access virtually – no handing out keys, cards or fobs; no paper sign-in sheets. You can make your process more efficient and secure, while maintaining the social distance that is now required. 

A lot of people we speak with are concerned about the risks of going digital on something as important as site access control. No one wants a system that doesn’t work as intended every single time, and many people are afraid of the risks of a hacking attack. These are legitimate concerns, given the poor reliability of many new technologies and the steady stream of bad press about smartlock solutions that have been hacked.  

We are very aware of these concerns and work hard to address them. Starting from a security infrastructure that has its roots in BlackBerry, we have built Teleporte to be the most secure keyless access system, built on a patented system that uses digital certificate – just like internet banking. Having measured a 99.97% access success rate over the last 1 million openings on the Teleporte network worldwide, we maintain that Teleporte is as reliable as a traditional lock and key.

We’ve also made Teleporte a very safe and simple system to deploy. Being a cloud-based solution, it requires no IT integration project, no servers, no data connections, no power (in the case of our padlock), no maintenance routines. Just install a padlock or a lock controller on your door, enclosure or gate and visit teleporte.sera4.com to manage access. And that’s it!  

Contact us or our network of distributors and integrators to learn how Teleporte is the right solution to roll out in the face of social distancing. Or click here and take a look through some of our information to decide for yourself.

Access Digitization and 5G

The telecom industry has talked about little other than 5G for the past couple of years. All I hear about at IoT or telecom technology conferences is the potential of 5G and the opportunities with 5G. Despite all the hype, IoT 5G still seems to be stuck in the future.

I’m sure that the industry will eventually get there. So far however, I see few customers willing to pay for the costs of putting 5G inside their IoT applications.

These costs include:

  1. Adding an always-connected service to a device requires the addition of a LPWAN radio, including the chipset, firmware and antenna. These radio systems are not yet available at prices that will facilitate mass-market adoption.
  2. The power consumption of being always connected is falling, but is still high enough to seriously impact battery life in portable devices. Always connected portable devices either need to have bigger batteries or be recharged more often. Less time between charges is not attractive in remote mission-critical applications.
  3. The costs and time it takes to certify new wireless devices for use and for sale in each market.
  4. The ongoing cost of the wireless subscription service.

We have designed Teleporte to securely virtualize an IoT network through the smartphone. This approach has the obvious disadvantage that it’s not always connected and doesn’t serve real-time alarms in case of physical vandalism.  But the advantages in the design are numerous.

  • The current Teleporte system is fully redundant to the core network of our customers. This means that it is more resilient: working even when other networks are failing.
  • The battery life of portable or remote devices is much longer.
  • Products like this can be significantly less cost to deploy, both in the up-front costs and the ongoing costs of the 5G wireless connectivity service.

Our approach with Teleporte also provides a higher level of cyber-resilience than any always-connected device does:

  • Any nefarious hacking into our customer’s core networks doesn’t affect Teleporte and if any compromise was found on the Teleporte network it couldn’t be a vector into other sensitive networks. Access control data networks should be independent of the other systems. Cyber-attacks are routinely carried out through connected “smart” devices that seem to perform a tangential function.
  • A possible hacking attack with an always-connected device might try to reach all networked access points simultaneously. For example, to unlock all sites on a network. With a network topology like Teleporte, which requires physical presence at the node to make the connection, such an attack is extremely impractical as it would involve visiting each site at the same time otherwise there is no connectivity to carry out such an attack. With most cyber-attacks being conducted by AI today, the most secure form of defence is having the connection only when it is needed.

At Sera4, we participate in building a world of machine-to-machine connected devices. We are already innovating toward secure always-connected solutions in our labs that overcome the challenges described here and when it’s feasible such features will soon integrate seamlessly in the Teleporte network. We encourage those who want the benefits of IoT access devices and smartlocks to proceed today with confidence that today’s Teleporte networks are secure and pragmatic, and that Sera4 will remain at the forefront by introducing always-connected devices as soon as it’s commercially practical to do so.

Smart tech is the smart choice so long as it’s well-engineered

A few weeks ago, we learned about Amazon’s ambitious plans for Amazon Key. Amazon Key is a solution that allows Amazon delivery people to leave packages inside the home rather than outside the door. They do this by converting traditional door locks to smartlocks, which can be accessed by Amazon when needed. A camera is included to monitor the drop offs. I expect that Amazon has done their market research; They know that some consumers will prefer the risk of giving Amazon access to their home over the risk that packages could go missing. Additionally, the service avoids the inconvenience of having to wait at home for deliveries  This is the same tradeoff between operational efficiency and security that Sera4 solves for industrial infrastructure.

Smartlock security was put to the test at last year’s DEFCON conference, where hackers try to break security. Twelve out of sixteen tested smartlocks were hacked within 15 minutes using simple digital equipment. I had hoped that this would send a message to our industry to take security more seriously. Unfortunately, Amazon’s newly-released smartlock system has already been hacked. Although the current vulnerabilities don’t show how to unlock someone’s house without authorization, the security holes destroy trust in the video surveillance that is a core component of the Amazon Key system. I don’t feel confident to put this on my front door. I doubt anyone wants a lock on their house that let hackers walk in, no matter how “smart” the feature list appears.

Designing secure smartlocks is not easy. It requires both physical security and logical security. People have been designing for physical security for centuries. We’ve largely figured out how to do that. Designing for secure wireless control is a new area, where many designers are still just learning. It’s not surprising that they overlook things.  Security is Sera4’s specialty. Since we don’t aim to get our products in residential front doors, I hope that someone else brings secure residential smartlocks to market soon. If not, adoption is going to be very slow, or we’re going to have a lot of unexpected burglaries in the near future.

The Eternal Struggle: Security versus Efficiency

It is a struggle we all know well, we need to decide whether we want to be efficient or secure. Of course in an ideal world it won’t be choice between the two, however it often is. Even something as simple as working with a contractor when you aren’t available can be difficult.

There are a few options, none of which are ideal;

  • You make sure someone is always around or available – secure but time consuming and inconvenient
  • You make a key copy to give to them – efficient, less secure, and then you still need to keep track of that extra key. In many cases you can’t make copies of security keys.
  • You leave your key somewhere – efficient but not safe as anyone could find it, and then you need to worry about how to get it back so you can access the site.

This is also if there is only one level of security, looking at more secure sites with multiple layers you get further inefficiencies. People lose their keys and access cards, and forgo security measures all the time. Reissuing key cards is time consuming and having to rekey multiple sites is expensive. On top of that when something takes 30 seconds without security but takes 10 minutes with security measures, you can guess what a lazy or malicious employee will eventually do.

There is also the added issue that unless someone is always around you have no idea who is coming and going. You also have no idea if they secure the site, when they leave, or how long they stayed. As a result you are losing time and money no matter what option you choose. If you make it too easy to access people can hack into the system and remotely open locks. When none of the options are great it can be difficult to justify spending a lot to receive so little peace of mind in return.

At Sera4 our goal is to eliminate this struggle through modern technology, and to do it for remote infrastructures that face harsh or unique environments. Every time the lock is opened or closed it is recorded in an audit log so you can keep track of exactly who has been where and for how long. Users can reset their own passwords if they forget, the app is password-protected in case your phone gets lost or stolen, and you can only see and open locks if you are near the locks. We provide a platform that works with whatever phone you already have, and doesn’t allow remote access. We believe that anyone opening a lock should be physically present at the lock, just like with a traditional key. Our architecture choice to only open locks on short-range wireless connections radically reduces the risk of a hacking threat without affecting the practical use of a Teleporte system.