Eufy Smart Lock Touch

Warnung: *Datenschutz ist in diesem Produkt nicht inbegriffen

Intelligentes Zuhause Intelligente Schlösser

Eufy Smart Lock Touch

Anker Innovations Technology
Bluetooth

Überprüft am: 9. November 2022

|
Von Mozilla investierte Zeit für die Recherche: 8 Stunden
|

Mozillas Meinung

|
Abstimmungsergebnis: Nicht unheimlich

To unlock Eufy's Smart Lock Touch, all you have to do is it give it the finger and use your fingerprint. Or use your Bluetooth connected phone to unlock the door when you're within 30 feet or so. You can also use the built-in keypad. Or even, gasp!, a physical key. Giving it the finger sounds like more fun. Unfortunately, we do have a few concerns about Eufy's privacy practices.

Was könnte passieren, wenn etwas schiefgeht?

Smart locks are one of those connected devices that seem to worry lots of people. The pros: They offer a lot of convenience with multiple ways to unlock the door to your home, a way to track who comes and goes from your home, they can allow you give out a keypad number to people like a babysitter and then revoke that when they no longer need access, and they can help you make sure you locked your front door when your anxiety kicks in on vacation. The cons: They can be vulnerable to any number of things such as power outages, lost or compromised phones, ransomware attacks on the company who made your lock, product security vulnerabilities, WiFi and/or Bluetooth vulnerabilities, home hub vulnerabilities, bad software updates, data leaks, and more.

With all that said, how does Eufy’s Smart Lock Touch stack up? This lock operates over Bluetooth, so you need to be within about 30 feet to lock or unlock it using your phone. It also uses a fingerprint, which also seems generally safe, especially as Eufy stores your fingerprint data locally on the device rather than on the internet in the cloud where it could be more vulnerable. We found no known security breaches of their smart locks

Unfortunately, Eufy has had some significant security vulnerabilities with their security cameras. In June 2022, security experts foundthree security vulnerabilities in Eufy's Homebase 2 video storage and management device that could have allowed hackers to take control of the hub, control it remotely, or steal video footage. Eufy/Anker developed fixes for these security vulnerabilities and released them to users in a timely manner. And in May 2021, Eufy was forced to apologize for a bug that exposed the camera feeds of 712 users to strangers. Eufy said the glitch happened during a software update and “users were able to access video feeds from other users’ cameras.” Eufy said in a statement the glitch was fixed an hour after it was discovered.

So, the bad news is, Eufy’s security cameras have had some serious security issues. The good news is, Eufy as a company seems to have stepped up and immediately fixed these bugs and to get the updates out to their users quickly. While these security oopsies happened to their video cameras, not their smart locks, it’s a good reminder that software updates can go wrong, which wouldn’t be good for your smart lock..

On the privacy front, Eufy’s privacy policy says they can collect a good deal of personal information on you -- things like name, email, gender, birth date, location, device information, and more. And while Eufy says they don’t sell your personal information -- which is good -- they say they can use that information to show you ads from them and third party advertisers, which isn’t so good (but also pretty standard on the internet these days). They also say they can collect personal information on you from third parties who provide it to them, such as law enforcement authorities. This worries us a bit because the way that line in their privacy policy is written is rather vague and seems like it could leave open the possibility they could collect information on users from a variety of third parties, for example, data brokers.

What’s the worst that could happen? Well, it is a smart lock that can be unlocked with your fingerprint ID. We've watched enough movies to know there's always a chance someone could chop your finger off and use it to get in your home. We really hope that never happens to you. We also hope Eufy doesn’t share your home comings and goings with third parties. That’s just not information anyone needs to have but you.

Tipps zu Ihrem Schutz

  • Check out tips to ensure your smart lock safety
  • Maintain a strong door
  • Choose a secure access code
  • Set up two-factor authentication
  • Do not sign up with third-party accounts. Better just log in with email and strong password.
  • Chose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
mobile Datenschutz Warnung Sicherheit KI

Kann es mich ausspionieren? Information

Kamera

Gerät: Nein

App: Nein

Mikrofon

Gerät: Nein

App: Nein

Verfolgt den Standort

Gerät: Nein

App: Ja

Was kann zur Registrierung verwendet werden?

Welche Daten sammelt das Unternehmen?

Wie nutzt das Unternehmen die Daten?

We ding this product for sharing personal data for advertisement and for combining users' data with data from third parties.

Eufy does not sell data. However, they share personal identifiers for advertisement purposes: "We do not Sell any personal information to third parties. In particular, we do not Sell the personal information of minors under 16 years of age. In the preceding 12 months, we have disclosed the following categories of personal information to the following categories of recipients: [...] Advertising networks, data analytics providers. - Personal Identifiers."

Eufy also combine users' data with data obtained from third parties: "We collect or obtain Personal Data from third parties who provide it to us (e.g., credit reference agencies; law enforcement authorities; etc.)."

Wie können Sie Ihre Daten kontrollieren?

We ding this product because it is not clear all users have the same rights to access and delete their data. Eufy specifically mentions the right to delete data only for users based in California.

"Subject to applicable law, you may have the following rights regarding the Processing of your Relevant Personal Data...."

Data retention policies for Eufy are rather confusing, however Eufy does promise to delete or anonymised data once they do not need it any more:
"Once the periods in paragraphs (1), (2) and (3) above, each to the extent applicable, have concluded, we will either:
- permanently delete or destroy the relevant Personal Data; or
- anonymize the relevant Personal Data."

Wie ist das Unternehmen in der Vergangenheit mit den Daten über seine Verbraucher umgegangen?

Durchschnittlich

In June 2022, three security vulnerabilities were found in Eufy's Homebase 2 video storage and management device that could have allowed hackers to take control of the hub, control it remotely, or steal video footage. Eufy/Anker developed fixes for these secruity vulnerabilities and released them to users in a timely manner.

In May 2021, Eufy was forced to apologize for a bug that exposed the camera feeds of 712 users to strangers. Eufy said the glitch happened during a software update and “users were able to access video feeds from other users’ cameras.” Eufy said in a statement the glitch was fixed an hour after it was discovered.

Informationen zum Datenschutz bei Kindern

Our Sites, products, or services are not directed to children under the age of 13. As a result, our Sites, products, or services do not request or knowingly collect personal information from individuals under the age of 13. If you are not 13 or older, you should not visit or use our Sites, products, or services .

Kann dieses Produkt offline genutzt werden?

Ja

Benutzerfreundliche Informationen zum Datenschutz?

Ja

Structured and concise

Links zu Datenschutzinformationen

Erfüllt dieses Produkt unsere Mindestsicherheitsstandards? Information

Ja

Verschlüsselung

Ja

Sicheres Passwort

Ja

Sicherheits-Updates

Ja

Umgang mit Schwachstellen

Ja

Datenschutzrichtlinie

Ja

Verwendet das Produkt KI? Information

Ja

Ist diese KI nicht vertrauenswürdig?

Nicht zu bestimmen

Welche Entscheidungen trifft die KI über Sie oder für Sie?

The built-in AI reduces the number of false alerts you receive by intelligently differentiating people from objects. It has features like pet detection, and even crying detection.

Gibt das Unternehmen transparent an, wie die KI funktioniert?

Nicht zu bestimmen

Hat der Benutzer die Kontrolle über die KI-Funktionen?

Ja

*Datenschutz nicht inbegriffen

Tauchen Sie tiefer ein

  • Here’s Anker’s apology after 712 Eufy customers had camera feeds exposed to strangers
    The Verge
  • Eufy says software 'bug' that exposed users' video footage to strangers has been fixed
    CNET
  • Use A Smart Lock? Get In The Sea, 73% Of Security Professionals Say
    Forbes
  • Eufy security cameras hit with bug giving access to users feeds
    Poc Network
  • Anker’s Eufy division pledges to bolster security following privacy snafu, apologizes again
    TechHive
  • Can Smart Locks Be Hacked? And How to Prevent It
    DIY Smart Home Solutions
  • Best Smart Locks of 2021
    Consumer Reports
  • Should I get a smart lock? The pros and cons of going digital on your door
    USA Today

Kommentare

Möchten Sie einen Kommentar loswerden? Schreiben Sie uns.