After we had the Nuki Smart Lock 2.0 in our test lab for certification for the 4th time in May this year, the brand new version 3.0 of the smart, retrofittable door lock from Austria reached us as well. Like its predecessors, it went through the same extensive testing procedure in our labs, and just like its predecessor, all test areas were mastered with flying colors. Accordingly, the new product version continues the certification successes and receives the certificate “Approved Smart Home Product”.

In the static analysis of the device itself, the new lock revealed no indications of an exploitable vulnerability, whether via local nor via online communication. As with its predecessor, a secure WebSocket connection tunneled via TLS is used here, which is practically impossible to compromise. As always, we have done our best to construct a promising attack from an attacker’s perspective. However, as long as you stay in the realm of real life scenarios, you don’t really stand a chance here and have to conclude that the communication security still has to be considered absolutely adequate.

The mobile applications on Android (v2.9.0-beta) and iOS (v2.9 build 2117), which have also been tested several times in the meantime, do not have any significant or newly introduced vulnerabilities this year and are still cleanly designed and implemented. Of course, there are points here and there where the concept could be further hardened, but these are always present.

As one of the most data-saving solutions that we have tested in recent years, there has always not been much to complain about in the area of data protection. This does not change for the Smart Lock 3.0: The product can still be used without providing personal data and only collects the functionally necessary data during operation, which additionally has to be approved by the user in advance. The associated privacy policy also leaves only marginal room for criticism. Apart from a few minor points and update options, there was nothing that we could seriously find fault with here – Excellent!

Overall, the 3rd version of the Nuki Smart Lock manages what its predecessor also managed several times without any problems: a successful completion of the AV-TEST certification process. As with its predecessor, there were no serious shortcomings in any of the relevant test areas, and the smart door lock deservedly receives the “Approved Smart Home Product” certificate in version 3.0 as well.