On March 25, 2019, a security vulnerability from the product of a world well-known security manufacturer was reported. According to the report, due to its unencrypted signal communication and predictability of rolling codes, it is highly possible that the signal of the remote control can be desynchronized, thus it poses significant risks to the integrity of the whole system. In the event of this alarming fact, we would like to reassure you the security of our system is utterly protected by sharing the following information.
In general, the security for an electronic system includes two aspects: communication and data storage. To ensure a secure communication link, we’ve developed a highly sensitive proprietary encryption technique called Bi-directional Multi-factor (BDMF) encryption mechanism, which is detailed on the left column. As its fundamental principle, two sets of encryption keys (a public key and private keys) along with timestamps are used to protect the integrity of the communication. For each communication, a new private encryption key with the current timestamp are adopted to secure the communication link.
In terms of data security, we have also adopted a set of advanced data encryption techniques including MD5, “Salt” and etc to eliminate the possibility of data being shattered by external forces. As a result, the data stored in our system is seamlessly guarded.
Furthermore, as a global residential security product manufacture, we take data privacy very seriously. Thus we are proud to announce that our system has complied with the newly introduced EU GDPR policy since early this year.
For more information relating our newly released features, please feel free to contact: [email protected].
———————————————————————————————————————————————————————–
What is BDMF Encryption?
Bi-Directional Muti-Factor (BDMF) encryption mechanism is our patented encryption technique that ensures the integrity of communication between the panel and its associating devices.
Its operation principle is illustrated as follow:
1. Time stamp and AES256 encryption techniques are used to generate both public key and private key.
2. A new private key is announced every time the device operates
3. Public key is only used once during the communication lifecycle to minimize its exposure.
4. The panel records 2 keys for verification and examines the security level of the system. Once a certain level is reached, the system will notify its user to examine the system security and instruct the user to regenerate a new private key using the public key.