Many smart home systems include burglary protection as an additional feature. There are few systems that focus on protecting your own home. One of them is Ring Alarm. We took a close look at the alarm system and checked the IT security and privacy of the solution.
The Ring Alarm Starter Set in the smallest configuration consists of the base station, a keypad, a door/window contact as well as a motion detector and repeater.
Both the base station and the repeater have an internal battery (5100 mAh and 1100 mAh respectively), with which the devices can bridge a 15-minute power failure with all features or a further 24 hours with limited features. The base station also has a SIM card (in our case from AT&T), so that even Internet outages can be bridged, provided mobile phone reception is available and the Plus subscription has been purchased.
The base station is equipped with WiFi, Z-Wave and Zigbee. All devices supplied with the base operate via Z-Wave Plus. This wireless standard improves on the Z-Wave standard in terms of power consumption, range and bandwidth. It also adds better fault tolerance and a standardized procedure for over-the-air (OTA) firmware updates.
All devices have a device-specific, printed-on key. This means that parts of the key exchange between base and device do not take place in the Z-Wave communication itself, so that the exchange cannot be fully eavesdropped. At delivery, all devices are already paired with the base station.
The Ring App (Android, iOS) was subjected to a static and dynamic analysis. Since the app has to cover the rather extensive product portfolio, the app permissions are also comparatively extensive. However, they are only requested when necessary.
The analysis did not reveal any significant weaknesses.
The app has a relatively high number of trackers, but the communication with them was encrypted at all times. Furthermore, certificate pinning is implemented in the app so that man-in-the-middle attacks are effectively prevented.
As we already suspected based on our earlier test of the Ring Doorbell 2, we could not detect any unencrypted communication when testing the Ring Alarm solution. All communication between app and cloud or base and cloud was encrypted with TLS 1.2.
Ring Base: Communication to European Amazon servers
When checking the communication, however, we noticed that the Ring base station communicated with a European Amazon server (Frankfurt am Main, Germany), while the app only contacted American Amazon servers. Why this is a problem is discussed separately in the privacy section of the test.
Since we only evaluate the IT security of the system, this test point is only of an informative nature.
In contrast to some other systems tested by us, e.g. in the comparative test of Security Starter Kits, Ring integrates sabotage contacts into the sensors. Manipulations of the sensors are therefore detected and recorded in the log and, depending on the arming status, an alarm is triggered. According to the app settings, a push notification should also appear in case of tampering, but this did not work during the test.
Provided that you have the appropriate subscription, the system also notifies or alerts you if the Internet is down, via the integrated mobile modem. Thanks to the batteries built into the repeater and the base station, the system also bridges longer power failures, as mentioned at the beginning.
If the owner allows it, the current location is recorded when using the app. This offers no benefit; geofencing or similar features that would justify it do not exist (yet).