The issue of security of Wi-Fi products has two aspects: security during initial configuration and security in the daily use of the device.
With regard to the initial configuration :
- The password for the Wi-Fi access point is encrypted when it is transmitted from the phone to the device being configured.
- All exchanges from the Wi-Fi access point are themselves encrypted, in addition to the likely Wi-Fi encryption.
- A unique key is generated during the process of registering the device to the cloud server. There is no common password or key for all devices. This key will be used by the device to connect and authenticate to the Cloud Awox.
For daily use :
- All exchanges with the Cloud Awox are encrypted: both commands from the Cloud to the device and status reports from the device to the Cloud.
- Only commands coming from the Cloud Awox are allowed. Generic accesses such as http/https will be rejected, regardless of the port used.
However, if you notice a security flaw on our devices, do not hesitate to report it to us at firstname.lastname@example.org.