This week locks hit the mainstream media in big ways. We had the launch of the ‘Amazon key-in-car’, whilst at the same time, stories about millions of hotel keycards being hacked were published in Forbes, Wired, BBC, Fox and many other press outlets.
The ‘Amazon key-in-car’ even featured on the Late Show with Stephen Colbert, although this wasn’t the first time the show had lampooned Amazon Key – last year when ‘Amazon key for your home’ first launched, the Late Show and many other late-night comedy shows did bits on Amazon Key. Amazon key, when it was first launched late last year, copped a lot of criticism, with many people rejecting the idea of giving Amazon access to their home.
See Stephen Colbert's bit on Amazon Key at 3:17 in the video below.
Whilst the 'new' hotel key hack and the 'new' Amazon key stories broke for the first time last week, there was still a steady stream of car key hack stories running in the mainstream press - for example, see this car key hack story in last weeks UK’s Sun. Other stories like this have been running regularly for over a year now.
Stories about millions of hotel key cards being hacked, are certainly not ‘new’ news stories – for example, back in 2012 over 4 million keycard locks were exposed as hackable at a Black Hack conference, and a spate of burglaries and break-ins in hotels followed - e.g see story here.
The technology hacked in 2012 was magnetic stripe keycard technology, which is about 40 years old. The mag-stripe technology, also used in millions of credit cards, was exposed to hacking in credit cards, with the infamous Target credit card hack of 2013 which exposed tens of millions people's credit card details.
Returning to the latest hotel key card hack, Cybersecurity company F-Secure this week announced that hotel rooms fitted with electronic locks made by Assa Abloy, the world’s largest lock manufacturer, could have been exploited by attackers to access any room.
Hotels with an Assa Abloy locking system include major chains such as Sheraton, Radisson and Hyatt.
According to Assa Abloy “The patches fix all the vulnerabilities we have identified. However, it is up to the hotels whether they patch their systems in a timely manner. Installing the updates is somewhat labour-intensive since you need first to update the backend software and then go to each and every lock to update the lock firmware.”
Ok, so what can we make out of all this latest lock publicity?
Hotel keycard lock technologies, mag-stripe technology and RFID technology, are old technologies, and vulnerable to hacking
Hacks can be patched/fixed, but they require software/firmware updates, which means physically visiting the lock each time a hack occurs to patch it up, until the next hack is exposed.
Amazon is attempting to solve a massive problem called, “the last mile” as its costing them tens of millions a year in missed deliveries, storage, and people stealing packages.
We don’t trust companies with digital keys and smart locks to access our houses and cars.
There is a solution to all of the above – that is a connected lock, with a new secure technology built specifically for smart devices. This solves problem 1 by introducing a new secure technology that is not vulnerable to hacking.
Problem 2 can be solved as with a connected lock, as if a hack was exposed, a patch could be sent over-the-internet in minutes to repair it, before anyone even knew about it.
Problem 3 could be solved, by adding this new connected lock technology to new type of secure letterbox in people's front yards, or more appropriately a secure ‘parcel delivery box’.
Finally problem 4 could be solved with a new secure, superior, proven technology built specifically for smart devices, which can win the public’s trust back.
The solution to all these problems is a new technology called NB IoT. To learn more about NB IoT, please click here.