Potential targets of attack

At regular intervals, the media report that hackers are hijacking computers, smart phones and smart homes. So it's no surprise that some people still have reservations about turning their house into a smart home and connecting it to the internet.. However, this fear is unfounded if you rely on a secure smart home system such as Homematic IP. 
Before we turn to the protective measures of Homematic IP, it is important to understand how a smart home is fundamentally structured. A smart home includes networked components such as wall switches, window and door contacts and switch actuators that communicate wirelessly with an access point. The access point is in turn connected to the router via LAN or WLAN. The router regulates communication with other devices in the home network and, if necessary, establishes the connection to the internet. 

This means that hackers have three targets of attack:

  1. The connection between the components and the central control system.
  2. The home network in which the central control system is located.
  3. Or hackers attempt to access the smart home via the internet.

Reliable protection

Homematic IP reliably secures all three targets of attack. Homematic IP relies on complex encryption and authentication based on AES (Advanced Encryption Standard) and CCM (Counter with CBC-MAC) for all device communication - both of which are tried-and-tested technologies that banks also use.
In concrete terms, this means the following for communication between the Homematic IP components and the central control system: Even if a hacker manages to record the data packets sent, he does not know what is in the data packets because of the encryption. This means that he doesn't know whether a command has been sent to switch on the light or to deactivate the alarm system. Likewise, there is no point in resubmitting the recorded data or changing it. A Homematic IP system detects all this and ignores the data.
Homematic IP uses yet another security measure for wireless communication, which is sometimes absent even in high-quality alarm systems: The system immediately informs the residents if it detects a jammer. So it's no use if an intruder tries to stop the radio communication and break into the house unnoticed. 

Secured communication

If a hacker tries to launch an attack on the Smart Home via the home network, he must first access the network cables or be within WLAN range and thus close to your home. The greatest danger here is a WLAN password that is easy to guess. 
However, even penetration of the WLAN does not yet pose a danger to a Homematic IP smart home. Communication between the Homematic IP access point and the router is also secure within the home network. The same applies to the connection to the internet that Homematic IP uses for control via a smartphone and communication with the cloud servers in Germany.
Info Icon

5 tips for a secure smart home:

1st Tip

When buying a smart home system, look for independent test seals that certify security and data protection. The test seals of the VDE and AV-Test are among those that are trustworthy.

2nd Tip

Perform regular software and firmware updates.
This closes any security loopholes.

3rd Tip

Use secure and different passwords. Secure passwords have at least eight characters and ideally consist of a combination of upper and lower case letters, numbers and special characters. Password managers help to generate and manage passwords.

4th Tip

The security level is only as good as the weakest link. This means that you must make sure that all devices with which you access your smart home are reliably secured. The same applies to all devices in the home network. Devices at risk include computers, tablets and smart phones. Anti-virus software provides additional help.

5th Tip

Use a guest WLAN for visitors.

Even if your guests aren't up to no good, you don't know if there are harmful viruses on their devices. 

No personal data

Even in the unlikely event that a hacker gains access to Homematic IP via the internet, the risk is low. With Homematic IP, data protection has top priority. That's why not only are all servers located in Germany, you also use them entirely without registering: There's no need to enter an e-mail address, name or telephone number - setting it apart from most other smart home solutions.

Even with the door lock drive, unlike many other providers and to the benefit of security, Homematic IP refrains from locating the residents' location via smartphone. Only the IP address is stored by Homematic IP for technical reasons - encrypted, of course. That means: Even if a hacker gains access to the smart home, he doesn't know exactly where it is and who owns it.

Security first and foremost: Homematic IP devices communicate with each other exclusively in encrypted form. This means that no-one can penetrate the system.

Continuous security test

To guarantee optimum security, Homematic IP is continuously tested by independent testing institutes. The renowned VDE Institute (Association for Electrical, Electronic & Information Technologies) has certified Homematic IP for the fifth time for its especially high protocol, IT and data security. The independent testing institute AV-Test also certifies Homematic IP a "high level of security in all relevant areas of communication and privacy".  

to the news article

Regular testing: The independent testing institute AV-Test has once again confirmed the security of Homematic IP.