Smart door lock, which uses passwords, fingerprints and other unlocking methods, provides everyone with a "new choice to unlock", which not only solves the "old and difficult" problems such as forgetting to bring the key and losing the key, but also improves the security of the home and becomes the "explosive product" of people's home decoration.
However, is this "artifact" really not flawless?
At present, the smart door locks on the market mainly use passwords, fingerprints, faces, Bluetooth, APP, which are several unlocking authentication methods. The security vulnerability of the smart door lock is hidden in its authentication method.
1. Password unlock
Password unlocking is the most common authentication method used by smart door locks, which verifies the identity of the user by letting the user enter a password on the door lock. In order to prevent the password from being spied on, many merchants have also set up enhanced random security codes, temporary passwords, and virtual passwords for door locks.
However, the password unlock also has a flaw, that is, its combination lock plate is always exposed, and the thief may spray the special spray on the password lock plate in advance, and guess the door lock code by observing the scratches and trajectories caused by the spray when the owner enters the password.
2. Fingerprint unlock
In recent years, biometric technology (through pre-registered biometrics, such as fingerprints, faces, voiceprints, etc. to verify user identity) has received unprecedented attention, and fingerprint unlocking is the biometric technology popularized in smart door locks, which is actually the initial public perception of smart door locks. After all, nowadays, everyone's mobile phones basically use fingerprint unlocking, so it is also applied to the door lock of the "nursing home", and once launched, it is quickly welcomed by the market.
The biggest risk of fingerprint unlocking lies in the leakage of fingerprints. Previously, a number of domestic media reported that "fingerprint recognition problems occur in many mobile phones, and everyone can unlock after filming", pointing out that there are algorithm loopholes in fingerprint recognition of smart phones. Nowadays, some manufacturers directly copy the mobile phone fingerprint recognition solution to the smart door lock, and this security vulnerability may also be "transplanted" to everyone's home door, and the security risks brought by it have to be prevented.
3. Face unlock
The application of biometric technology in smart door locks is deepening, of which fingerprint unlocking is the most common. In addition, face unlocking technology is also favored by some units and families. However, at present, the smart door lock technology equipped with face recognition function is still relatively rudimentary, and some cannot distinguish between living bodies and flat portraits. People with ulterior motives take a photo of the owner or record a video of the host, and after technical processing, the door lock may be opened. In October 2018, the State Administration of Market Regulation issued a consumer warning on the quality and safety of smart door locks, which mentioned that smart door locks equipped with face recognition functions have high security risks, and advised consumers to turn off this function.
4. Bluetooth unlock
Bluetooth unlocking refers to the Bluetooth element inside the smart door lock through the Bluetooth pairing of the smart phone, and the lock is directly unlocked with the mobile phone after successful pairing. Bluetooth unlocking is currently very popular in the market, and many smart door locks support this function.
The security risk of Bluetooth unlocking is that the key distribution during pairing is not secure, and the data interaction interface is easily exposed. Recently, there have been media reports of hackers detecting and camouflaged unlocks through Bluetooth.
5.APP unlocked
APP unlocking and Bluetooth unlocking are both unlocked with mobile phones, which is easy to confuse consumers when purchasing, but in fact, the difference is obvious. The biggest difference between the two is that Bluetooth unlocking can only be unlocked near the smart door lock, while APP unlocking supports remote operation. The working principle of APP unlocking is to issue instructions by mobile APP (or WeChat) through the network or GSM function, reach the smart door lock terminal through the relay server, and unlock the lock after parsing the instructions.
APP unlocking seems to be the most "advanced" of all unlocking methods, not only do not have to worry about losing the key, but also do not have to worry about not being at home. But in fact, this way of unlocking is the easiest to leak, after all, most of the process of APP unlocking is operated on the network, involving a large number of home addresses, user fingerprints, door lock passwords and other important information, which is very easy to be remembered by hackers. Once it is cracked by hackers and information leaked, it will cause the door to open widely, and the consequences are unimaginable.