Unlocking the Smart Home: An Examination of Factors Influencing Smart Lock Adoption Intention

Smart home technologies are a growing trend, yet little is known about factors that drive their adoption, given the spectrum of potential functional, experiential and esthetic benefits they offer. To address this gap in research, we explore the factorial structure of salient perceived benefits and concerns associated with smart locks, and we examine the effects of the emergent factors on the adoption intention. We find that while potential adopters express a broad range of perceived benefits and concerns associated with smart locks, only the perceived relative advantage of smart locks vis-a-vis conventional locks in providing safety and security is significantly correlated with adoption intention. Our results indicate that this perceived relative advantage is a critical consideration in the adoption of smart home technologies that replace existing solutions

Smart-Lock Attack Through Bluetooth Communications Replication

The rise of smart locks has made them present in many homes and business in a large number of countries. This is due to their user-friendly design and the flexibility they offer. Smart-locks usually offer a convenient and secure way to unlock the door without the need for keys. However, as with any new technology, there are potential security risks that need to be considered. In particular, bluetooth security of smart-locks is very important because a leak can provide unauthorized access. Bluetooth is a wireless technology that allows devices to communicate with each other. It is used in a variety of devices, including smartphones, laptops, and now smart-locks. While Bluetooth offers many benefits, it also poses a security risk if it is not properly secured. To ensure the smart-lock is secure, one of the security factors must be considered is the Bluetooth security. This will ensure that only authorized users can access the home or business. In this work, the security of the Nuki smart-lock through bluetooth communications have been checked.Research supported by the CDTI (Centre for the Development of Industrial Technology), the Ministry of Economy Industry and Competitiveness, Celtic-Plus EUREKA and the European Regional Development Fund, under Project IMMINENCE C2020/2-2

Research on smart-locks cybersecurity and vulnerabilities

Smart-locks have become increasingly popular for access to homes and businesses in many countries, because of their ease of use and adaptability. These locks offer a simple and secure alternative to traditional key-based entry, making them an attractive choice for both residential and commercial properties. Nevertheless, it is essential to acknowledge the potential security threats that come with any new technology. The security of smart-locks is particularly critical, as a breach could result in unauthorized entry. Since the smart-locks can connect, there are different ways to check if vulnerabilities can be found easily or on the contrary, if the security level is high. Two of the main ways of checking the security level of this kind of IoT device are the information that can be obtained from the Android application and the security level of the Bluetooth connection. Many vulnerabilities can be found in the Android smart lock management application. This application is very useful to perform all the configurations with such a lock, but if it is not properly implemented and secured, it can provide clues for malicious users to perform unauthorized access to the system. Another security factor is the Bluetooth connection. This ensures that only authorized users have access to the property. In this work, we have analyzed the security level of different parts of smart-locks. In particular, we have analyzed the security of the applications for the most important smart-locks on the market. This study reveals relevant information such as whether the application is obfuscated or not, the encryption algorithm for the Bluetooth connection, or relevant URLs that applications use to connect to the cloud. The security of the Bluetooth connection between the smartphone application and two selected smart-locks was also analyzed. It was demonstrated that if no encryption is used for the Bluetooth connection, the smart-lock is not secure, but if AES encryption is used, the security level is high.Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. Research supported by the Cátedra Institucional de Ciberseguridad Binter and the Cátedra Edosoft de Computación en la Nube e Inteligencia Artificial, both from the University of La Laguna

Finnish Homeowners’ Attitudes Towards Smart Locks

Kuluttajien kiinnostus älykoteja kohtaan on kasvanut viime vuosina, ja vastauksena tähän ilmiöön markkinoille on ilmestynyt uudenlaisia älylukkoja. Niiden markkinat ovat kuitenkin vielä niin tuoreet, että älylukkojen valmistajatkaan eivät tunnu kunnolla tietävän, ketkä kuuluvat älylukkojen todelliseen kohderyhmään ja miksi. Tässä diplomityössä tutkitaan suomalaisten asunnonomistajien ennakkoasenteita älylukkoja kohtaan sekä heidän suhtautumistaan nykyisiin älylukkoihin perustuvaan älylukkokonseptiin. Aihe on uusi, eikä vastaavaa tutkimusta ole aiemmin tehty, ja tästä syystä tutkimus on luonteeltaan pitkälti eksploratiivinen. Useiden eri alojen kirjallisuudesta muodostetaan pohja ihmisten suhtautumisesta elämää helpottaviin ja turvallisuutta parantaviin kestokulutushyödykkeisiin, ja aihetta tutkitaan empiirisellä monimenetelmätutkimuksella. Tutkimus toteutettiin tekemällä laadullisia haastatteluita sekä Internet-kysely. Suomalaisten asunnonomistajien suhtautuminen älylukkoihin on kokonaisuudessaan ristiriitaista. Toisaalta älylukkojen tuomia uhkakuvia pelätään ja suhtautuminen älylukkoihin on vahvasti skeptistä, ja toisaalta älylukkoja kohtaan osoitetaan aitoa mielenkiintoa. Suuri enemmistö pitää turvallisuutta tärkeänä ja suhtautuu älylukkoihin myönteisesti, jos ne parantavat turvallisuutta. Elämän helpottamisen arvostaminen indikoi vahvasti myönteistä älylukkoihin suhtautumista, mutta sen vaihtelu populaatiossa on suurta. Pienten lasten vanhemmat pitävät älylukkoja poikkeuksellisen hyödyllisinä, sillä samanaikaisesti lasten turvallisuus on äärimmäisen tärkeää, mutta pienten lasten vanhemmat kaipaavat myös elämän helpottamista. Kaiken kaikkiaan nuoremmat ja hyvätuloiset henkilöt suhtautuvat älylukkoon iäkkäämpiä ja pienituloisempia myönteisemmin. Kuten monilla uusilla innovaatioilla älylukoilla on olemassa vahva aikaisten omaksujien ryhmä, mutta enemmistö suhtautuu älylukkoon skeptisesti. Suomalaisten asunnonomistajien pelko siitä, että älylukot vaarantavat kodin turvallisuuden, on merkittävä mahdollinen kompastuskivi, joka täytyy ylittää rakentamalla riittävä luottamus älylukkojen turvallisuuteen. Älylukkojen todellista käyttöä sisältävät tutkimukset voisivat tässä suhteessa olla hyödyllinen tutkimussuunta tulevaisuudessa.Public interest in smart homes has increased during the last years, and this has induced the commercial release of a number of new smart locks. The novelty of the smart lock market, however, seems to provoke a lack of understanding of who are the actual target group of smart locks and why. This Master’s thesis investigates what kinds of attitudes Finnish homeowners have towards smart locks and how they react to a smart lock concept based on currently available smart locks. The topic is new and has not been studied before, thus, the research is largely explorative by nature. A groundwork on how consumers value convenience and security durables is conducted, drawing from many different areas of research, and the topic is studied with means of empirical mixed-methods research. The research was implemented by, firstly, conducting qualitative interviews and, secondly, an Internet survey. Finnish homeowners’ attitudes towards smart locks altogether are conflicting. On one hand, the fear of perceived threats, mainly crime, is dominant and scepticism towards smart locks grows deep, but, on the other hand, people show genuine interest in smart locks. Safety is important for a vast majority who consider smart locks useful if they improve perceived security. Convenience orientation, on the contrary, varies greatly in the population but seems to indicate positive attitudes toward smart locks. Parents of small children consider smart locks exceptionally useful because the safety of children is extremely important while simultaneously small children keep the parents busy and in need of additional convenience. Overall, younger age and high income seem to correlate with more positive attitudes toward smart locks. Smart locks, like many innovations, seem to evoke a strong group of early adopters, however, a majority of Finnish homeowners view smart locks sceptically. The fear of perceived security threats, which smart locks might bring about, is a potential major stumbling block which has to be overcome by building adequate trust in the safety of smart locks. Tackling this issue, studies involving actual usage of smart locks could be a useful direction of future research

Lock Picking in the Era of Internet of Things

Smart locks are a recent development in the Internet of Things that aim to modernise traditional keybased padlock systems. They allow users to operate the lock with their smartphone instead of carrying around a physical key. Typically, smart locks have a cloud system for sharing access with other people, which makes them ideal for schemes such as communal lockers or bike sharing. One of the smart locks available on the market is that produced by Master Lock. They are an established brand, and unlike many of the single product companies that have provided insecure offerings, Master Lock have so far shown that their locks are reasonably secure and resistant to known attacks such as shimming, fuzzing, and replay attacks. This paper provides a security analysis of the Master Lock Bluetooth padlock. More importantly, it reveals that there were several security vulnerabilities, including a serious one in the Application Programming Interface used by Master Lock to provide a crucial feature for managing access. We carried out a responsible disclosure exercise to Master Lock, but communication proved to be quite a challenge. In the end we managed to establish contact, and as a result the most serious vulnerabilities have now been patched. This indicates that responsible disclosure is a valuable exercise, but we still need better report-and-response mechanisms

IoT Droplocks: Wireless Fingerprint Theft Using Hacked Smart Locks

Electronic locks can provide security- and convenience-enhancing features, with fingerprint readers an increasingly common feature in these products. When equipped with a wireless radio, they become a smart lock and join the billions of IoT devices proliferating our world. However, such capabilities can also be used to transform smart locks into fingerprint harvesters that compromise an individual's security without their knowledge. We have named this the droplock attack. This paper demonstrates how the harvesting technique works, shows that off-the-shelf smart locks can be invisibly modified to perform such attacks, discusses the implications for smart device design and usage, and calls for better manufacturer and public treatment of this issue.Comment: Submitted and accepted into 2022 IEEE International Conferences on Internet of Things (iThings) and IEEE Green Computing & Communications (GreenCom) and IEEE Cyber, Physical & Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress. Submitted version: 10 pages, 8 figure

Physical location of smart key activators:A building security penetration test

Purpose When security managers choose to deploy a smart lock activation system, the number of units needed and their location needs to be established. This study aims to present the results of a penetration test involving smart locks in the context of building security. The authors investigated how the amount of effort an employee has to invest in complying with a security policy (i.e. walk from the office to the smart key activator) influences vulnerability. In particular, the attractiveness of a no-effort alternative (i.e. someone else walking from your office to the key activators to perform a task on your behalf) was evaluated. The contribution of this study relates to showing how experimental psychology can be used to determine the cost-benefit analysis (CBA) of physical building security measures. Design/methodology/approach Twenty-seven different “offenders” visited the offices of 116 employees. Using a script, each offender introduced a problem, provided a solution and asked the employee to hand over their office key. Findings A total of 58.6 per cent of the employees handed over their keys to a stranger; no difference was found between female and male employees. The likelihood of handing over the keys for employees close to a key activator was similar to that of those who were further away. Research limitations/implications The results suggest that installing additional key activators is not conducive to reducing the building’s security vulnerability associated with the handing over of keys to strangers. Originality/value No research seems to have investigated the distribution of smart key activators in the context of a physical penetration test. This research highlights the need to raise awareness of social engineering and of the vulnerabilities introduced via smart locks (and other smart systems). </jats:sec