How do you make sure my personal data and video stream are secure?
We take our customers’ data safety very seriously. The communication requests between your mobile device, your Wyze product, and the AWS Cloud Server are made via https (Transport Layer Security (TLS)) for alert videos. We use symmetric and asymmetric encryption, consistent hashing, and other ways to make sure users’ information cannot be stolen. Each camera has its own secret key and certificate so that we can validate its identity during handshake. The contents are encrypted via AES 128-bit encryption to protect the security of the live stream and playback data. During the connection process, every device in the process has its own secret key and certification, so that we can validate their identity during handshake. Even if a hacker intercepts the data package, the data cannot be decrypted.
Have you updated Wyze products to protect against the KRACK vulnerability?
Because our products don’t provide any access point functionality, they can only be affected as a WPA2 client, which is a minor risk. So far we haven’t updated our firmware to mitigate the KRACK issue. Our engineers are working on updating the stacks and we will update the firmware once we complete the effort.