Wyze uses P2P (peer-to-peer) as our streaming solution. We use ThroughTek (aka TUTK) as our service provider to establish P2P connections. Once a P2P connection is established, your phone/tablet will talk directly to your Wyze Cam without any server in the middle. ThroughTek is an international company, headquartered in Taiwan, which provides services all around the globe. Their servers are deployed in multiple geographic locations including: North America, China, Japan, and Europe. That is where the ‘overseas traffic’ questions come from.
In the first few months of Wyze Cam’s existence to shortly after the release of Wyze Cam v2, our streaming solution was using the full worldwide network of TUTK servers to establish connections. The camera’s traffic at this time was getting routed through various servers in multiple countries. Starting in the summer of 2018, we worked with TUTK to make a few changes that ultimately limit all network traffic generated by Wyze Cams to North America for both v2 and Wyze Cam Pan devices. Most of the v1 traffic is covered as well but not as completely as for the v2 and Pan. The reason comes down to differences in the platform used for each of them and this couldn’t be changed without an overhaul of the kernel.
Below, we’ll describe how TUTK was involved and how Wyze worked to remove the ability for Wyze Cams to utilize offshore servers. We’ve included each case where a TUTK server would be involved in these descriptions:
- Device Setup - During device setup, the Wyze Cam registers itself with a TUTK server to let TUTK know where it is. This info is needed for TUTK to connect your phone and the camera going forward. As a side note, TUTK doesn’t know anything about your Wyze username, MAC, or any other personally identifying information.
- Device Boot - During device initialization, your Wyze Cam registers itself with TUTK servers and tells them it’s alive. After the summer of 2018, Wyze made changes to both the v2 and Pan code to block traffic to overseas TUTK servers. The TUTK API we used didn’t provide a way to directly contact only North American servers so we implemented a workaround through the API. This same method can’t be used for the v1 since it would require a kernel-level change. So for v1 devices, TUTK servers worldwide can still be contacted for the camera’s initial boot sequence. Please note that, similar to during setup, if you do see this overseas traffic with a v1 camera it won’t contain any personally identifying information or any details about the camera other than its TUTK ID.
- Device Heartbeat - After the device boots up, it will send a heartbeat signal to TUTK to ensure a quick connection whenever you want to watch the live stream. Starting in the summer of 2018, TUTK provided us with a way to limit heartbeat traffic to North American servers by making changes to the configuration policy. Any new Wyze Cams will be covered by this policy directly, and 99%+ of older devices are covered. We recently found out that just under 1% of our devices may still be using worldwide servers and we are actively working with TUTK on a fix. Any Wyze Cams affected will work just as well as any other and, like in both previous descriptions, nothing apart from the TUTK ID is transmitted.
- Streaming - When a phone/tablet tries to connect to a device, it asks a TUTK server in North America to locate the device. This TUTK server will work on establishing a connection between the client and device. After that, the phone/tablet and Wyze Cam will communicate between themselves directly without TUTK being involved. For streaming, we use the same method as the heartbeat for limiting network traffic to North America.
Section Link: Link
ThroughTek doesn’t know anything about Wyze accounts. We don’t release any information (e.g. Wyze username, device MAC, etc.) to ThroughTek. All they know is the Wyze Cam’s TUTK ID that was assigned during setup. When you connect to the live stream, ThroughTek will help to establish the data channel but Wyze handles 100% of the authentication. This prevents ThroughTek from accessing the Wyze Cam’s stream.
Regarding event recordings, TUTK is not involved with those at all. Wyze Cams upload event videos directly to Wyze’s S3 storage account on AWS via HTTPS (Hyper Text Transfer Protocol Secure), a form of encryption used for network communications. From there, your phone/tablet will download the events from the Wyze Cloud via HTTPS as well. All of this happens within North America.
Section Link: Link
Back in January of 2018, we accidentally picked a Russian server for NTP (internet time verification). We changed this to a US server immediately after noticing that this was the case.
Section Link: Link
The MAC address printed on your Wyze Cam and the one shown on the Device Info screen are part of a range purchased by Wyze that will register on your server as a Wyze device. This MAC address is assigned by the firmware to overwrite the hardware MAC assigned to the WiFi component. These assigned MAC addresses should start with either A4DA or 2CAA. Most of the WiFi components we use will have a MAC address that will start with something like C8028F. These alternate MAC addresses tell us that, for some reason, the firmware either failed to override the hardware's MAC properly or failed to prevent this MAC from registering on your network.
In the event that you see one of these alternate MAC addresses on your network, it will often show an association with a company such as Nova or Duratech. These suppliers from whom we source our WiFi components and they have no bearing on the functionality of the camera itself.
If you see this happen, please submit a support request so that we can work with you to figure out what is causing this to occur.
Section Link: Link