Once again, the Telekom Magenta SmartHome system underwent the AV-TEST certification – this year together with the all-in-one smart home application “MagentaZuhause App”. As always, the hardware and software were put through extensive testing and were checked both dynamically and statically for potential weaknesses or vulnerabilities.
Applications & hardware
This time, two different applications were analyzed for this test area: Firstly, the “Magenta SmartHome” app (for Android and iOS in the tested version 6.6.1), the classic app for using and managing the products offered in the Magenta Smart Home product portfolio. Secondly, new to the test this year was also the “MagentaZuhause App” (for Android and iOS in the tested version 1.0.0 Beta), which allows the user to combine devices from different (supported) manufacturers into a Smart Home ecosystem and to control and organize them via the app as a central interface.
For example, the Nuki Smart Lock, which we also certified, can be combined with Magenta SmartHome components and a variety of supported cameras, smart speakers and similar accessories in one system and controlled centrally via one interface.
In terms of security, our testers had little to say about either application: The implementation of security-relevant aspects, such as encrypted communication over the Internet in particular, are adequately implemented in both applications. Attacks on the connections of the applications and a possible interception or reading of transmitted information by third parties is thus practically impossible. Of course, there was room for further improvement here and there – for example, not all of the libraries supplied with the Android versions of both applications are protected by memory access protection mechanisms (such as ASLR), and the default configurations for some security settings could be further optimized for the last percent of additional security. In the practical tests, however, none of these points resulted in a real vulnerability that would result in a realistic attack scenario.
The cooperation of the apps with the hardware was also rated as secure by the testers.
Privacy
For this area, we have to state that both applications, but especially the Magenta SmartHome application, have quite extensive user analysis and tracking capabilities and functionalities: Several analytics, tracking and retargeting modules are included and their activity can also be confirmed and tracked.
However, one cannot derive an accusation from this alone. The privacy policy that comes with the product, which has always been one of the best and most detailed we see on a daily basis, provides full and detailed information about the data that is collected and processed. In addition, corresponding settings in the apps themselves allow to object to and deactivate all data collection and gathering.
All in all, Magenta SmartHome and the MagentaZuhause application continue to impress us in all tested areas and will therefore receive the AV-TEST certificate “Approved Smart Home Product” for 2022.
Previous article 
Pingback: MagentaZuhause app and Magenta SmartHome receive AV-Test "Secure" certificate | Deutsche Telekom
Pingback: Telekom Smart Home Login – Login Details
Pingback: Magenta Smart Home Login
Pingback: Telekom Smart Home Login