According to a survey of Chief Financial Officers (CFOs) performed by Duke University’s Fuqua School of Business, “More than 80 percent of U.S. companies indicate their systems have been successfully hacked in an attempt to steal, change or make public important data.”
If businesses with a full-time staff of IT professionals cannot keep hackers from compromising their systems, what chance do consumers have of keeping hackers from compromising the IoT devices that make up their smart homes?
This is one of the challenges members of the Connectivity Standards Alliance (CSA) faced when tasked with developing Matter, a new standard for communications between IoT devices in a smart home.
I’ve written several articles about the Matter protocol, the companies that have released Matter-compatible products, and how people can leverage Matter-compatible devices in their smart homes. However, those articles, and most other articles I’ve seen on Matter, tend to discuss its advantages as:
- Better for consumers because it means that a consumer only has to purchase a Matter-compatible device, and it will work with Amazon Alexa, Google Home, Apple Home, SmartThings, and other smart home ecosystems that support the Matter protocol.
- Better for manufacturers because they only have to create a single smart home device instead of a series of devices where each works with a different smart home ecosystem, including those by Amazon, Google, Apple, SmartThings, and others.
However, much more work has gone into the development of Matter, and it moves the security and privacy of smart homes forward to protect consumers. It similarly protects businesses that deploy Matter-compatible IoT devices in their offices and other facilities.
First, the Good News…
Matter is based on a set of principles for security and privacy.
Security Principles
- Layered Approach—Matter is based on a comprehensive layered approach to security, including authentication and attestation during the commissioning process, protection of every message sent to/from Matter devices, and secure over-the-air firmware updates so future threats can be mitigated.
- Strong—Matter leverages well-tested and secure cryptographic standards along with passcodes and certificates for secure communications. (Note: To make this article easier to read, I’ve avoided including every different security specification and designation that has been leveraged in the Matter protocol. Those can all be found in the CSA document, “Matter Security and Privacy Fundamentals,” for people who want to dig into that level of detail.)
- Ease of Use—The security built into the Matter protocol is designed to make Matter-based products easier for consumers to use. It is also designed to make those products easier for manufacturers to build, by providing an open source reference implementation of the protocol on GitHub. All that is required to add a Matter-compatible device to a smart home is to scan the QR code on the device using a smartphone app, such as the Apple Home app that I have used in my testing.
- Resilient—The Matter protocol is designed to protect devices, detect threats, and recover from attacks.
- Agile—The Matter protocol is designed in a way that core pieces of the protocol can be updated to counter future security threats. These updates would then be delivered to Matter-compatible devices through over-the-air firmware updates.
Privacy Principles
The European General Data Protection Regulation (GDPR) has become the gold standard for privacy principles implemented in computer systems. The Matter protocol is designed to adhere to the privacy principles defined in the GDPR.
- Confidentiality—All messages sent/received through the Matter protocol are encrypted to ensure confidentiality and to prevent eavesdropping or tampering by bad actors.
- Trust—All Matter devices use signed certificates to ensure that messages and data are only shared between known Matter devices and that no outside entity can receive information.
- Open Standard—Matter is an open standard and subject to full peer review to ensure it fulfills all the principles outlined here and that the implementation is robust.
- Data Sharing Minimization—To minimize the chance of data being leaked to unauthorized third parties, the data sent between Matter devices is the minimum needed for the proper operation of the devices. In addition, all data shared between devices is limited to data that serves a specific, defined purpose.
- System Privacy—The Matter protocol goes beyond just the encryption of the data in messages. To further enhance the privacy of data communications, it separately encrypts the addresses of devices in messages so a third party that intercepts communications is unable to see the identities of the devices that are communicating.
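To make the Confidentiality and System Privacy principles concrete, here is a small model of a message frame in which the payload is encrypted, the source and destination addresses are encrypted separately under their own key, and an authentication tag rejects any modification. This is an added illustration written for this article, not Matter's actual frame format, cipher suite, or key schedule: the stream cipher is a constructed HMAC-SHA256 counter-mode keystream chosen so the example runs with the Python standard library alone, and the node IDs, keys, and payload are made-up sample values.

```python
"""Toy model of a privacy-preserving message frame.

Constructed illustration only: a stdlib HMAC-based stream cipher plus MAC,
not Matter's real message format or cipher suite. It shows the layering the
principles describe: payload confidentiality, separately encrypted addresses,
and integrity protection over the whole frame.
"""
import hashlib
import hmac
import struct

COUNTER_LEN = 4     # plaintext message counter (also serves as the nonce)
ADDR_LEN = 16       # 8-byte source node id + 8-byte destination node id
TAG_LEN = 16        # truncated HMAC-SHA256 tag


def _keystream(key: bytes, label: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` keystream bytes from HMAC-SHA256 in counter mode.

    `label` keeps the address and payload keystreams independent even though
    both are derived from the same nonce.
    """
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, label + nonce + struct.pack(">I", block),
                        hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def seal(session_key: bytes, privacy_key: bytes, counter: int,
         src_node: int, dst_node: int, payload: bytes) -> bytes:
    """Build a wire frame: counter || enc(addresses) || enc(payload) || tag.

    Layer 1: the payload is encrypted under the session key.
    Layer 2: the node ids are encrypted under a separate privacy key, so a
             passive observer learns neither the data nor who is talking.
    Layer 3: a MAC over the whole frame makes any tampering detectable.
    """
    nonce = struct.pack(">I", counter)
    addr_plain = struct.pack(">QQ", src_node, dst_node)
    addr_ct = _xor(addr_plain, _keystream(privacy_key, b"addr", nonce, ADDR_LEN))
    payload_ct = _xor(payload, _keystream(session_key, b"data", nonce, len(payload)))
    body = nonce + addr_ct + payload_ct
    tag = hmac.new(session_key, b"tag" + body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


def open_frame(session_key: bytes, privacy_key: bytes, frame: bytes):
    """Verify the tag first, then remove both encryption layers.

    Returns (counter, src_node, dst_node, payload); raises ValueError if the
    frame was modified or sealed under a different session key.
    """
    if len(frame) < COUNTER_LEN + ADDR_LEN + TAG_LEN:
        raise ValueError("frame too short")
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(session_key, b"tag" + body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: frame modified or wrong key")
    nonce = body[:COUNTER_LEN]
    addr_ct = body[COUNTER_LEN:COUNTER_LEN + ADDR_LEN]
    payload_ct = body[COUNTER_LEN + ADDR_LEN:]
    src, dst = struct.unpack(
        ">QQ", _xor(addr_ct, _keystream(privacy_key, b"addr", nonce, ADDR_LEN)))
    payload = _xor(payload_ct, _keystream(session_key, b"data", nonce, len(payload_ct)))
    return struct.unpack(">I", nonce)[0], src, dst, payload


def observer_view(frame: bytes) -> dict:
    """Everything a passive interceptor without keys can read: length and counter."""
    return {"length": len(frame),
            "counter": struct.unpack(">I", frame[:COUNTER_LEN])[0]}


def tamper(frame: bytes, index: int) -> bytes:
    """Flip one bit of a frame to model in-transit modification."""
    modified = bytearray(frame)
    modified[index] ^= 0x01
    return bytes(modified)


if __name__ == "__main__":
    # Constructed sample keys and node ids; in a real deployment both keys
    # would come from the commissioning/session establishment step.
    session_key, privacy_key = b"s" * 32, b"p" * 32
    frame = seal(session_key, privacy_key, 7, 0x1122, 0x3344, b"OnOff:toggle")
    print("observer sees:", observer_view(frame))
    print("receiver decodes:", open_frame(session_key, privacy_key, frame))
    try:
        open_frame(session_key, privacy_key, tamper(frame, 5))
    except ValueError as exc:
        print("tampered frame rejected:", exc)
```

Two design points carry over to any real implementation of these principles: the tag is checked before anything is decrypted, so a forged or altered frame is dropped without leaking partial plaintext, and the counter is sent in the clear only because it is also covered by the tag. A receiver that additionally tracks the highest counter seen per peer can reject replayed frames, which this toy omits.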
Now, the Not So Good News…
Many prominent smart home device manufacturers use Matter bridges to allow their existing products to communicate as Matter-compatible products. The bridge essentially translates the protocol spoken by the company’s existing product to/from the Matter protocol.
I thought this was a transition strategy that allowed a company to provide support for the Matter protocol before, over time, releasing new products that are fully Matter-compatible.
Unfortunately, what I’m now hearing is that the cost of certifying a product to be Matter-compatible is a significant expense for a smart home device manufacturer. A device needs to be recertified with each new firmware update that a manufacturer releases. Bridges allow a manufacturer to minimize this cost by only certifying their bridge, not all their products.
The downside of this is that only the bridge needs to adhere to Matter’s security and privacy principles. A company’s other products that work with Matter through the bridge don’t need to follow those principles, so the protections described above stop at the bridge and the devices behind it are only as secure as the protocol they already speak.
It is important to remember that we are in the early days of the adoption of the Matter protocol. The open source reference implementation of Matter was a way to help companies minimize the cost of implementing the protocol in their products. Now, the cost of certification and recertification needs the same attention, so that companies are not pushed toward bridges as the only cost-effective route to Matter compatibility.