Smart Home
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
The smart locks tested in the research weren’t cheap. They were bought on Chinese ecommerce sites for between US$110 and US$520. (Picture: Shutterstock)

Are smart locks safe? A Chinese report says not really

One fake fingerprint can open many doors

Smart Home
This article originally appeared on ABACUS

Smart locks have been promising a future of convenience for years now. But if you’ve recently decided you’re ready to go keyless, you might want to reconsider.

Even as smart locks have increasingly been finding their way into our homes, a consumer association based in China has released a report that shows some smart locks might not keep the burglars away.

The report tested six types of weaknesses on 38 smart lock models, including ones from domestic Chinese brands and international brands like Samsung and Switzerland’s Dormakaba.

One of the biggest problems turned out to be one of the main features: Fingerprint recognition. Among 36 randomly chosen smart locks, fake fingerprints could be used to unlock 32 of them.

The smart locks tested in the research weren’t cheap. They were bought on Chinese ecommerce sites for between US$110 and US$520. (Picture: Shutterstock)
Among the locks that failed are brands that advertise the ability to differentiate between real and fake fingerprints, according to the Beijing-Tianjin-Hebei Consumer Association. The list included well-known brands such as appliance maker Haier and Qihoo 360, China’s biggest cybersecurity company. We reached out to Haier, TLC, Dormakaba and Qihoo -- all mentioned in the report -- and will update if we get a response.

Qihoo 360, China’s biggest cybersecurity firm, wants to become China’s cyberwarfare defender

The convenience of smart locks has won over many consumers in the West even though debates about their security continue. Independent testing in 2017 by AV-Test, a German IT security institute, concluded that most smart locks tested didn’t have exploitable vulnerabilities. Still, security researchers have managed to hack into certain smart locks in the past.
At the beginning of the year, China started warning consumers about the quality of smart locks. The country’s consumer safety watchdog, the State Administration for Market Regulation (SAMR), claimed that 15 percent of 40 leading smart lock models they tested could be compromised.
SAMR had previously issued a warning about locks equipped with facial recognition, especially those that also used smart cards to unlock doors. It was a rare warning in a country that has embraced facial recognition in everything from convenience stores to toilet paper dispensers.
This year, China saw media reports on creative ways to open smart locks, including copying fingerprints from a fingerprint reader, putting printed out photos in front of facial recognition locks and using so-called “black boxes.” (Picture: JSTV/Miaopai)
The Beijing-Tianjin-Hebei Consumer Association started putting the report together after videos began circulating in China claiming that “ small black boxes” could break into smart locks. The boxes, which emit electromagnetic pulses, were found to be ineffective for modern smart locks. However, the report did find other problems.

Out of the 26 tested smart locks that use smart cards, 24 could be cracked or duplicated. Several smart locks had weaknesses in the apps used to generate passwords to unlock them. And some smart locks simply stopped working at very low temperatures -- which sounds inconvenient for people in northern China.

For more insights into China tech, sign up for our tech newsletters, subscribe to our Inside China Tech podcast, and download the comprehensive 2019 China Internet Report. Also roam China Tech City, an award-winning interactive digital map at our sister site Abacus.