At Def Con in August this year when many Bluetooth Smart Locks were hacked by security experts, many of you were wondering if this risk could be applied to Nuki as well. Safety is our top priority. That is why we have had Nuki tested by an independent security expert after we dispatched the first products – just as we have announced before. The goal was to evaluate how secure Nuki is against hacker attacks.
First of all, Nuki was not part of the test at Def Con and we were not contacted by any of the security specialists either – nor before neither after the test. Nevertheless, it is worth mentioning that the security specialist to whom we reached out – Tobias Zillner of Zillner IT-Security – was present at the Def Con and experienced the presented tests first hand. This is one of many reasons why Zillner was the right one to submit Nuki to an acid test.
Tobias Zillner is an expert in the field of IT security and has been working with security audits of various systems and solutions for years. Zillner is an internationally recognized security researcher and an active member of the IT security community.
Similar to Def Con, the goal of the Security Assessment was to identify security gaps within the security architecture. In more detail, the web API, Bluetooth communication and the related infrastructure were analyzed which could potentially endanger the security of the door lock and threaten the security of customer data.
No Unauthorized Access to System or Data Is Possible
Today we are pleased to show you the results of the security assessment – with a very positive outcome for Nuki.
“The review came to the conclusion that the safety concept and the technical implementation of the safety controls can be described as very robust and that the security of the systems and data is not exposed to an acute risk. After reviewing the documents provided, a vulnerability assessment of the infrastructure and the execution of targeted tests regarding the safety of Bluetooth communication, no critical or serious weaknesses could be identified. It was not possible for the tester to gain unauthorized access to the systems or data.”
This independent certification confirms once more that focus on quality and safety is the right way to go. We are always trying to be as transparent as possible. That is why we decided already more than a year ago to give a deeper insight into our used safety concept.
Security of your home is and will continue to be one of our most important concerns in the future. With this in mind, we will continue to develop Nuki and work on new products to make access to your home even more intelligent. Soon we will have more good news for you. So, stay tuned!