From smart speakers to vacuum robots: What can be connected to the internet will be connected. This business rule of IoT was clearly visible at the IFA 2019 electronic trade fair in Berlin. However, most manufacturers are still saving money on the security of IoT devices, thereby putting their customers at risk. The AV-TEST Institute honored IoT manufacturers with the certificate “Tested Smart Home Product”, which oppose this negligent carelessness with secure, independently tested and certified products.
IoT attack on Wikipedia during the fair
At the beginning of IFA 2019, the danger of poorly protected or unprotected IoT devices was shown once again. While the pioneering electronics fair in Berlin was in full swing, cybercriminals used the networked computing power of poorly protected IoT devices to kick servers of the online encyclopaedia Wikipedia out of the web for several hours by means of massive DDOS attacks. Since the Mirai botnet attacks three years ago with at least 500,000 infected IoT devices worldwide, no manufacturer can claim not to have known this danger. The more frightening is the gross disregard of even the simplest security standards in the development of most of the IoT products on the market as well as the conscious avoidance of efficient protective measures.
Certified Security and Privacy
Completely different is the situation with manufacturers certified by the AV-TEST Institute at the IFA with the certificate for tested IoT security. These manufacturers already consider security by design in the development of IoT products and independent security checks are naturally part of their daily business. Both before the market launch and for the complete life cycle of their products, these manufacturers guarantee the best possible security of their products and services through regular tests and assume responsibility for the protection of their customers.
But with the AV-TEST seal for verified IoT and Smart Home products, these manufacturers not only ensure state-of-the-art IT security. In order to obtain the certification of the AV-TEST Institute, manufacturers must also prove that their products affect the privacy of their customers in a way that is just necessary for their products use. Accordingly, the AV-TEST certification not only confirms the GDPR compliance, but also the responsible handling of user data, starting with minimal data collection, secure forwarding and processing, the exclusion of trading in user data and the provision of understandable data protection statements, thus standing for Privacy by Default.
Thank you for trust!
At AV-TEST we are very proud of the fact that manufacturers like Devolo, LUPUS-Electronic, RC-TEC and many more as well as their customers place their trust in the testing and certification of our labs. As pioneers of IT and IoT security research we know, that security is not a condition but a process. And that’s why we will continue to work to ensure that users can enjoy the benefits of smart products without having to worry about IT security and privacy. And that’s what we stand for with our IoT research and the constant adaptation of our certification tests to the current threat situation. As a smart home user, we encourage you to help us with this mission by also paying attention to IT security when purchasing IoT products and actively demand them from manufacturers and distributors.