A better front door: What will it take for smart locks to succeed?

27 Comments

Just a decade ago, the web was in the midst of transforming consumer behavior through e-commerce, online banking and information discovery. Now the internet is shifting users’ psyches again — this time through the Internet of Things (IoT). Starting with home automation and wearable technology (Google Glass, Nest, Apple HomeKit), IoT is on the cusp of pervading other facets of consumer life and industries.

Even if IoT is the next big thing, various hurdles must be overcome before society can coexist with massively ubiquitous, intelligently connected devices. Important questions revolving around security and safety need to be addressed before widespread adoption can take place; even with current home IoT products, such as smart thermostats and lighting, privacy and security issues abound.

Smart locks — smartphone and/or app-controlled door locks — are a particularly interesting example. Though various smart lock products have been on the market for some time now, consumers have been relatively slow to adopt the technology—and that’s understandable. Before trading the security of the traditional lock-and-key combo for the convenience of a smart lock, consumers have to be convinced that these locks are valuable enough to enable them to overcome insecurities and reservations. Here are some of the key features that may be required to move smart locks into the mainstream.

The good old lock and key

The front door is all that separates one’s home from the outside world. Subsequently, potential smart lock adopters are overwhelmingly concerned with the inherent dangers of digitization. What if a hacker spots a smart lock–secured home, and is able to compromise its security? What if smartphone access to the smart lock fails, either via user error or a software bug? Smart lock products should look like standard locks so as not to draw unwanted attention, and in the event that smartphone or app control is lost, the smart lock must allow for operation with a standard key as a fall-back measure.

It matches your house

Many home owners regard their houses as extensions of themselves. Smart lock products must allow for simple customization of look and feel to match the décor and trimmings of the structure or building. The smart lock must be as easier to install than a standard lock (with no perceived need for a locksmith) , and as easy to use as a conventional lock and key combo—any number of people, with varying technical proficiency, may require access (e.g., the janitor, housekeeper, or grandma).

Full benefits of connectivity

As IoT devices, smart locks should go above and beyond merely replacing a standard lock and key. Connectivity should expand and enhance their functionality—features such as access monitoring and logging to the cloud, remote unlocking via the web and other unique, internet-enabled capabilities should be available. In parallel to the benefits of being connected, communications and data transmission must also be secure and encrypted. Furthermore, as mission-critical electronic devices, smart locks must use batteries with extensive lives, and perhaps allow for some alternate forms of charging such as solar or kinetic motion.

Additional bells and whistles

Again, as a new alternative to an age-old contraption, the smart lock should provide consumers with enough incentives and value propositions to leave the conventional lock and key combo behind. Features such as video recording and monitoring through an integrated peephole camera, automated answering through an embedded microphone and speaker, and scheduled locking and unlocking are just some examples of potential features that may give consumers enough of a confidence boost to install a smart lock product.

Eric Gould has over 25 years of experience in the world of technology and has shipped over 20 related  products. He has worked for the Harvard Business School, IBM, Apple Computer, Netscape, McAfee.com and Paypal. Most recently he was the president and COO of a wearable tech company that was creating an alternative to Google Glass. Follow him on Twitter @ericcgould.

27 Comments

Wayne Caswell

I was horrified when several years ago I toured a high-end Las Vegas home that could be unlocked with Wi-Fi from the car. As a digital home consultant and well-versed in wireless security, I told the homeowner why that was not a good idea, and why his family and $10M home were at risk.

But in reality, a door lock just keeps honest people honest. A burglar can break in through a garage door in 6 seconds (https://m.youtube.com/watch?v=kSO_HTBHLFI), and he could bypass an alarm system by going in through a window, wall or roof.

To protect your home, think like a crook and understand the motives & deterrents of amateur and professional crooks. Then examine your home’s vulnerabilities and make it riskier for them than just going somewhere else.

Kevin Schoonover

Have you returned home to find you forgot to lock the front door? With smart locks and sensors, you can tell if your door is open/closed and locked/unlocked. I have Schlage Smart Locks and SmartThings. With a glance at my phone I can see that all of the doors are locked. If a door opens, I am notified. Frankly, I feel safer having my locks automated and online.

Jonathan Adams

What metric(s) / information have you seen that leads you to believe that “Consumers have been relatively slow to adopt smartphone and app-controlled door locks”.

Nicho

The first and foremost criteria for this to succeed is a demonstrable need. Electronic locks are not solving a problem anyone actually has.

Eric C. Gould

If you read or watch the ads from the various smart lock venders there appears to be a strong need for solving the convenience factor – not needing to reach into your pocket for your keys to open your locked door and creating temporary keys for guests, serviceman and family. Is it worth the price – apparently for some it is.

don

“The front door is all that separates one’s home from the outside world.” And that door can usually be kicked in or the jamb can be spread to allow the locks’ bolts to clear the jamb.

Batteries? Why would I want to depend on a battery to allow access to my home? In a flashlight, it’s OK because I can simply replace / recharge the batteries. But to be locked out is another matter.

Funny, there is no mention of the $200+ price tags, an expense not wanted by those whose traditional locks are working just fine.

I can go to Home Depot or Amazon and buy a smart Networked Wireless Electronic Lockset costing upwards of $1,000. That won’t prevent a dedicated thief from breaking in, however.

Eric C. Gould

I agree. The lock has to provide something better in the form of security to helpful prevent or discourage a dedicated thief from breaking in. So far I have not seen a product that offers this – have you.

Gary Ambrosino

Silly idea.

This is a technology designed by engineers looking for a market. The whole idea of a house lock is that you use it while you are there standing in front if it. If you are not, then the value is as a passive device that only works when you are there.

So what purpose would it have for remote control. Pretty much none. There’s a FANTASY APPLICATION that you let the cleaning lady in or something like that. If you trust them, they have a key, if you don’t they do not. It’s a real laugh to hear about people saying they will control the front door through their smart phone so they walk up and open the door with an iPhone or something instead of a $1 key.

The REAL APPLICATION here is access monitoring. That’s easy to do with connected security systems and an $10 door sensor works fine for this. You don’t need to replace the door locks to do this.

Besides, what locksmith do you know that is going to install and configure an internet connected door lock. What homeowner (in the real world not in the IoT early adopter world) is actually going to do this successfully.

“You’re technology phobic ” – – not really – – I run a successful internet software company and ran an IoT company that won the US department of energy innovators award.

I really just thing this is not the place to put great creative resources to create innovative home automation solutions.

-g

jjj

It is convenient to unlock it easier or have it unlock itself when in range but you don’t need an internet connection for that. I wouldn’t focus on phones but wrist worn devices. Remote control should be one of the core feature of such devices since you don’t have to take it out of the pocket and and it’s slightly harder to lose than a phone. Ofc the UI/navigation gets a bit complicated when you can control 10 devices on a bracelet but it is a practical functionality.
Access monitoring for home users has little value and if it has internet access is a security and privacy risk. With 2.5 people per household in the US , not much of a point in access monitoring- the article seems to be about the consumer market , in other markets the needs are different.

don

No locksmith is needed to install ANY lock or deadbolt in my home.

It would be nice to be able to unlock my door when some other member of my family arrived while I was not home, and that would keep extra keys from floating around everywhere. The main reason I would consider replacing my traditional locks with keys is that keys can be lost whereas I have my phone with me almost all the time. Bluetooth would not be the solution, but an internet connected lock would not be available when the power is off, either. If I unplug electronics when I go out of town, of what use is a front door lock that is controlled with the internet? (This is the same problem we have for a cabin out of town in which we would like to install security cameras.)

Eric C. Gould

I think we are on the same page. My view is that there needs to be multiple systems to unlock the door and the good ole key might be just the best one around if there’s a complete power failure with no backup system or temporary power supply.

Eric C. Gould

I like the idea access of monitoring. Do you think DYI monitoring products like the Dropcam provide the level of alerts and customizable zones to fit the bill. Or, should it be out sourced to the professionals.

ericcgould

Even if all the above is implemented the smartlock’s biggest hurdle to overcome maybe the home owners usage behavior pattern. Do people even care about their front door. While the exact number varies in alternative research reports some 71% to 87% of American home owners enter their house through their garage. So have we picked the right problem to crack.

Madlyb

So first…complete agreement with @jjj. All of these Security and Home Automation solutions that require the ‘cloud’ to work are both dangerous and stupid.

Second, most of the locks on the market are:

a) Virtually toys in terms of hardening.
b) Designed for use in either Batman’s cave or Steve Job’s house.
c) Built on proprietary systems that cannot be integrated with the rest of my house.

Currently, and for the last few years I have used a Sunnect AP501, which while not ‘Smart’ (whatever the hell that means) relies strictly on RFID keys or Keypad, is still one of the best electronic locks I have ever worked with and surprise, surprise was offered in a variety of finishes to actual match the house and in a reasonable normal design. I hate that they went out of business, because you could take their lock and combine networking capability and have exactly what is needed in a modern electronic lock.

lycan88

Despite this will come but no thanks ! If it comes to me I prefer the old ways with a lock and a key ! We are already scared that our personal information being compromised from cyber attacks and you want them to hack in our homes as well ?! Technology must not be ruling like this over our lives we made technology to make our lives easier but not making it vulnerable !

Great article with a great debate !

Frustrated

Rather than having one key to open the door you want to move this onto another device that is already a target for thieves because it already contains so much more personal information? No thanks. You are adding more points of failure!

Rather lets get people to evaluate the doors and locks that they do have on their doors already. If the locks are poorly installed or the wrong locks used all the gadgetry in the world is not going to protect you or your family.

john frankel

As an investor in UniKey, I have to take issue with “Though various smart lock products have been on the market for some time now, consumers have been relatively slow to adopt the technology—and that’s understandable.” as there simply has not been a lot of product on the market. Unikey launched Kevo in conjunction with Kwikset in October last year, but the much talked about LockiTron and August have failed to launch three time each over the past year or so.

If you want to use a smart lock, like tens of thousands do in scores of countries today then simply go to UniKey.com and buy one. It works, and the product roadmap will add even more functionality in 2015.

fergusonsr

Please send me details about your roadmap. We have UniKey in house now and will posting a full review shortly. Thanks,

Fazal Majid

Yeah, right, Kwikset, the company whose locks can be forced open with a mere screwdriver, not even a lock pick, and with no outside trace of forced entry:
http://www.wired.com/2013/08/kwikset-smarkey-lock-vulns/
When I found out about this, I went for Medeco locks on my new house instead. A smart lock is only as strong as its weakest link, and more likely than not it is mechanical, not cryptographic.

Eric C. Gould

Hi Fazal, Is Multi-factor authentication an answer. Say if the lock can detect what it “thinks” is an intruder/ or out of case scenario a possible solution. Or does the lock just need to be physical strong enough to not fail even under the strongest pressure. By the way I have Medeco locks too.

jjj

A huge NO to connecting a lock to the internet and a big no to storing any usage data online. That’s just asking for it. Assuming a reasonable risk for a considerable benefit is one thing but assuming this kind of risk for minor benefits is just stupid and careless.
There should be a law banning locks for having access to an external network.
Everybody i know just laughed at the locks already available that are connected to the internet , seems unreal that anyone would even consider doing it.No matter how hard you push for security ,you add a bunch of points of vulnerability and this is not a car or a wallet or even a safe,this is the place where you and your family sleep.
In the end you ignore the basic function of a lock, to be secure and want to weaken it to add gimmicky functionality. That’s a terrible idea. The priority is to keep it safe,then make it easier to use and expand functionality but not at the cost of security since that’s the only thing a lock must provide,all else is optional.
And any smart lock should have a manual override at least on the inside, without it it’s a safety hazard.

Chuck

110% agreement. If it’s attached to the internet then it’s compromised. The security experts call it the “Attack Surface”. When your lock on the Internet, the attack surface is the whole planet.

man+book

Not sure what everyone is talking about here. A lock is a security device designed to make you feel safe, even if you aren’t. The large majority of people have locks that can be broken, picked, or simply bypassed (e.g. access through a broken window). You have a lock on your door to slow someone down. Anyone competent and confident enough to know you have something to steal can break into your house and get it in a very short time. Locks and security are about allaying your fears, not really about making anything much more secure. Stoned teens might give up, but any determined thief makes your physical and electronic protection mostly irrelevant.

jjj

While that is true, it’s something the public decides to ignore to be able to sleep at night and intentionally weakening it is not the way to market a product.
Just because you sell snake oil ,it doesn’t mean you want to advertise that it’s less potent than other snake oils, but it’s pink.

gman

Agreed. There are a lot more people out there who can pick locks or break a window than can hack a lock. Most of those hackers are very content to stick to way more lucrative computer crimes rather than branching out into smash and grabs in the real world. A lot of these smart locks also do away with a physical key, that eliminates a much larger security hole than the connectivity creates anyway.

The key is to mitigate as much risk as possible. Many businesses and governments use electronic locks, they’ve been around since the 80’s. They can do nice things like secure a whole building at once or control access to only certain personnel. Personally, I wouldn’t want a lock open to the Internet, I don’t really see the need. I’d prefer one that uses NFC or Bluetooth to do the unlocking when I’m a short distance away.

Eric C. Gould

LOL on “There should be a law banning locks for having access to an external network.” I would like own the business that collects the penalty fees – you in.

Comments are closed.