Safeguarding security

4 mins read

How are operators safeguarding data captured by smart devices? Kuldip Singh Johal considers the options.

Almost a quarter of British people now own more than one smart home device.

In its recent report on the connected home, techUK found that consumers are now more knowledgeable about smart homes and that ownership has increased. Three out of five consumers now own at least one smart home device and the 25 to 44 age group own the most connected home products.

Commenting on the report, Teodora Kaneva, Programme Manager, SmarterUK, said, “The connected home market is developing rapidly; this is primarily driven by innovation in the industry. We see a huge appetite for smart home technology to, not only provide comfort and safety, but also to reduce household bills and allow consumers to interact with the ecosystem. The increase smart home device usage will also allow the energy, automobile, and connectivity providers to further innovate and work with Government to tackle key environmental challenges.”

However, while each new connected device or additional service increases consumers’ potential enjoyment, it also adds to their list of concerns about their personal viewing habits and financial information being hacked, misused or sold to unknown third parties.

With Chinese telecoms giant, Huawei, hitting the headlines in recent months due to security concerns about how it could use data, consumer worries have increased – in fact, according to the report from techUK, that is putting consumers off smart home technology as their concerns about privacy and security grow, and a lack of knowledge is another primary barrier to take up.

So, how exactly is the data captured by smart devices being used and what are operators doing to safeguard this information?

Security provisions
Every time a consumer brings a smart device into their home, it becomes another point someone could exploit. If a device isn’t properly secure, it could be possible for hackers to connect to the device and do damage to the user’s in-home network of products. A further security consideration that comes with interoperability is that if one device within a smart home network goes down or is breached, it could bring down the entire network.

Often, people don’t think about the security implications of adding new devices to their eco-system, so this responsibility must fall to the operator. Operators must, therefore, ensure their devices don’t become a backdoor for hackers to get into the home, take data or bring down an entire network. As such, it is vital they also provide security software which analyses the risks posed by any other devices entering into the ecosystem. Additionally, operators should set a minimum-security standard or criteria that devices must meet before they can become part of a user’s network to remove this risk.

Increasingly, some operators are offering cybersecurity add-ons which can monitor the devices on the network within the home to make sure they all have the latest firmware updates to give users peace of mind that there aren’t any vulnerabilities in their home. However, this is something all operators should begin to do by offering the security provisions consumers would expect from any other service provider. For instance, if a consumer buys a laptop, they tend to be asked if they’d like to add anti-virus software to their purchase. Operators should follow suit and offer this value-added service as a best practice as it will allow them to deliver a better level of service to the end user and ensure that their devices aren’t just interoperable, but also secure.

Turning data into insights
While there’s no doubt that smart devices are collecting data, it’s worth noting that rather than being focused on owning the data itself, operators are interested in the insights they can gain from the data. This information allows them to see what their users like and dislike, what’s working well and what’s not working, and how they can make improvements the service they are providing. Yet, this can be a double-edged sword; while people want to use smart devices and expect them to provide a more personalised service (which is driven by data insight), they often don’t want smart devices to have access to their personal data, or to be privy to what goes on in their home. This is a challenge that operators must overcome to ensure users can put their trust in operators and be confident that their information won’t just be sold to the highest bidder

Furthermore, it’s been found that almost half of consumers think that their smart device is always listening to them. However, this is a common misconception. In fact, the majority of smart devices only start to listen when it detects a wake word, such as “Alexa” or “OK Google”. This means that it isn’t capturing or storing audio until it hears those phrases and demonstrates how operators are putting processes in place to ensure smart devices aren’t always listening, easing concerns that consumers have over privacy.

However, many users are unaware of this function and so more needs to be done to install confidence among consumers to ensure they understand that their devices aren’t constantly capturing and monetising data. In turn, this level of understanding is essential to ensuring consumers are comfortable sharing their data, enabling operators to provide personalised service.

Voice 2.0
It’s only a matter of time before we see voice biometrics come into play as operators find new ways to make access to devices safer and more convenient for smart device users. Already, some banks are allowing customers to use voice to access online banking, with the app authenticating the customer based on their voice. This is something we will see with voice 2.0 which will allow consumers to use voice for actions such as disarming their home security alarm. But with this will come additional security requirements, after all, users need to be confident that their device will only fulfil certain commands if the user’s voice can be authenticated and if they are authorised to give it and not, for example, if when a burglar says it. For operators, voice 2.0 will be about trying to make the end user’s life as simple as possible but without leaving devices open to vulnerabilities that can be exploited. If operators can ensure voice biometrics can meet these levels of security, it won’t be long before it is adopted across the board.

One of the major perks of using smart devices is that they are convenient. People are pushed for time and want more immediacy from every aspect of their lives, and this is something that smart devices deliver. However, while consumers need convenience, they won’t be interested in smart devices at all if they are not secure. As a result, the majority of operators and manufacturers are tackling the issues of security and privacy of voice technology head on and are making interaction more secure and intuitive. As such, the concept of operators selling data they collect is misguided. After all, operators are only interested in selling content and have been in the business of protecting data for more than two decades.

One thing that is clear, however, is that operators must do more to educate users on security features and offer consumers extra security packages in order to instil a sense of trust among their users and ensure that not only is the device they providing secure, but that it won’t allow other less secure devices to enter into the same ecosystem.

Author details: Kuldip Singh Johal is VP of sales for subscription broadcasting, Universal Electronics