Apple Goes All-In On HomeKit Privacy

By John Leonard July 31, 2019

smart-home-3920905_1280

With some recent surprise announcements, Apple is positioning itself as the smart home platform for privacy-conscious consumers. Here’s what you need to know as an IoT developer.

Apple went big on privacy at this year’s Worldwide Developer Conference (WWDC), its annual get-together for developers working within the Apple ecosystem.

Features like “Sign-in with Apple” and a new fork of iOS for iPad grabbed the consumer headlines, but it’s the HomeKit features we’re especially interested in. Some feel Apple has been neglecting HomeKit for a while now, but these surprising announcements show an awful lot has been happening behind closed doors. The end result remains to be seen but is arguably the most secure and robust smart home solution for IoT devices.

Addressing security at router level

Some IoT devices suffer from a poor security reputation especially in the consumer space. Stories such as a casino being hacked through a connected fish tank or the recent allegations that Amazon employees listen in and share conversations people had with their Alexa smart speaker system don’t do much to help matters.

Developers attending this year’s WWDC weren’t expecting much, if anything, of HomeKit. Instead, Apple has decided to address the security concerns of the smart home at router level.

New routers that support HomeKit will in the future be firewall connected HomeKit devices. If one of them is attacked, the rest of the devices on the network are not compromised.

Read more: Why secure solutions are essential for home automation

Given Apple’s closed system, HomeKit devices are already considered some of the most secure in the smart home space. It will be interesting to see the precise details of the technical implementation, such as how user’s control devices (e.g. iPhone) will work with the firewalled accessories.

According to early news reports, the first such routers will be launched by Linksys, Euro, and ISP’s like Charter Spectrum later in 2019.

Shortcuts to build powerful behaviour scenarios

Another powerful new feature is shortcuts, which allows devices to trigger actions and events between themselves. This presents many different interesting and exciting scenarios, and is a step towards finally putting the smart into the smart home.

Such a scenario might involve the opening of door locks triggering coffee makers, home entertainment, or maybe even preparing a bath, who knows.

As an aside, the shortcuts concept of events that trigger other events autonomously has always been an integral feature of Nordic’s nRF51 and nRF52 Series SoCs. An event on the radio or an interface or peripheral can trigger events on other elements in the SoC without the need for any CPU intervention. Quite complex task sets can be created by daisy-chaining events and triggers together.

Separating home devices from the surfing, streaming and the cloud

It is an interesting and very logical move to separate out devices on the home network and keep them walled off from personal devices such as PCs and smartphones and the like.

Devices such as lights are built at a much lower cost, with devices and systems that don’t have the security resources of something like an iPhone. This can make them the target for hackers wanting to hack from afar due to their perceived greater vulnerability when permanently online to the internet.

The new HomeKit security enhancements will allow devices to remain only locally networked if desired with no cloud connection in place. This may well be the most desirable outcome for 99% of operations. Cloud connectivity can be achieved via a secure router gatewaying in only signed certificate firmware updates, and the occasional remote user control. Other than that, it operates as a walled network.

A more private video experience

Apple also announced HomeKit Secure Video, which analyses videos from smart home devices such as security cameras or webcams locally, before encrypting and uploading them to iCloud. Craig Federighi, Senior Vice President of software engineering, announced the development onstage:

“Most home cameras today send people’s video up to the cloud so it can be analysed to tell the difference, for example, between a leaf blowing in the wind and someone at your door. Unfortunately, this risks your privacy, but we have a new way. HomeKit has been designed from the outset to protect privacy and security in your home accessories.”

What this means in practice is that for video from compatible webcams, all the data analysis will be performed locally on a device such as an iPad, HomePod or AppleTV. Up until now other produces have sent video to the cloud for analysis before any action is taken.

The interesting aspect here for IoT developers is that Apple will store saved video files from HomeKit-enabled cameras to iCloud, giving users up to ten days to review them. The files will be encrypted and no-one at Apple will be able to review them.

What is interesting to note for IoT developers and especially hardware manufacturers are that this video storage will not count against the existing storage limits from a user’s iCloud account. Assuming the sales of HomeKit-enabled cameras take off and users take advantage of this service, that’s bad news for the likes of Nest and Netgear that charge a monthly fee for similar storage.

Of course, not all hardware manufacturers are going to support the HomeKit API. It will make for an interesting economic decision for many companies.

 

Entering the Internet of Things: Opportunity, Risks & Strategy Download the free eBook now

 

Topics: homekit, home automation, smart home


John Leonard's photo

By: John Leonard

John Leonard has a B.Sc (Hons) in Electronics and Computing from the University of Portsmouth in the UK. Leonard currently works as Product Marketing Manager in Product Management with responsibility for product support needs and staff training requirements. He has worked in various roles in the 12 years he has been with Nordic Semiconductor, including Field Applications Engineer and Regional Sales Manager in both US and Europe. Previously he has worked in Systems & Software within the defense industry. Outside of work Leonard enjoys playing guitar, reading and playing football. Feel free to ask John a question in the comments below!

Epost

Comments

Get Connected Blog

This blog is for you who are new to the connected world of the Internet of Things (IoT) - whether you are a senior executive, in product development, or simply a curious soul.

Our goal is to inform you, keep you updated and help you understand the opportunities and challenges of IoT for your industry.

If you are a developer, you may want to check out our blogs and developer guides in the DevZone

Visit www.nordicsemi.com

New Call-to-action

Latest Posts