Ring Control Center goes live, but fails to address Ring's biggest problem

Ring has pushed out an update that brings a new Control Center to its app, letting customers find a selection of security related features, with the aim of taking control of their Ring devices

It pulls together a couple of settings that existed separately within the app previously - like two-factor authentication - and gives you access to some other security related elements. 

Firstly, you can identify all the devices that have been authorised to access your account and, with a single click, you can deauthorise all of them. That will allow you to remove old devices, or devices you didn't even know where accessing your account. You'll have to then sign-in again on those devices and services that you want to have access to your account.

The second element is that you can see what other services have access to your Ring account, Alexa for example. As above, if you've clicked the link to deauthorise all these, you'll have to sign in again, for example if you want Alexa to announce when you have someone at the door. The good thing about this is that if you've handed over access to a service you then forgot about, you can remove it here. 

For those in the US, Ring has added an option to control the controversial police access. This will mean that you'll receive a notification when police want to access your footage and you'll have to grant permission. This doesn't exist in the UK, so you won't have that option in the app.

It's interesting that these options only exist in the smartphone app, they're not reflected if you sign into your account on Ring's website, where you only get the option to enable two-factor authentication - but on the whole, it's great to see these options available to Ring users. 

However Ring's problems run deeper: the company is a victim of its own success, having enjoyed huge uptake in its products - and purchase by Amazon - but finds itself under the microscope because of a run of security issues.

These really started with reports that Ring employees were able to access and view customer videos at its Ukraine-based R&D centre. The company did respond, confirming that "attempted access to that data exceeded what was necessary for their job functions." Individual concerned were reportedly laid off.

The next big hit for Ring was a report that cameras had been hacked. The company responded that this was because of a lack of security on the part of owners, that it had been a "credential stuffing" stuff, where details from another data leak had been directed at Ring accounts, gaining access.

These incidents have raised questions around Ring's commitment to the security that it aims to provide and while there are responses from Ring - an employee that breached the company's privacy policy was fired, the suggestion that two-factor authentication is used - they serve to undermine trust in the company many people have chosen to protect their homes. Using two-factor authentication is good advice and you most certainly should turn it on.

The latest addition to this list of concerns comes from a report that the Ring app is sharing a lot of user data with various services. These services, uncovered by EFF, include sharing data like phone location, screen resolution, sometimes sensor information, going to a range of services including Facebook - even if you're not a Facebook user. 

When asked for details about what these services were for and why Ring was sharing data with them, the company told us:

"Like many companies, Ring uses third-party service providers to evaluate the use of our mobile app, which helps us improve features, optimise the customer experience, and evaluate the effectiveness of our marketing. Ring ensures that service providers' use of the data provided is contractually limited to appropriate purposes such as performing these services on our behalf, and not for other purposes." 

One thing that Ring's new Control Center doesn't do is let you opt out of any of this sort of analysis. In this case, the services process the sort of analytics data that's common to online platforms (apps and websites) and Ring is certainly not alone in using them. 

Ring's problem now is about regaining and maintaining the trust of its customers as scrutiny is piled on. Our first reactions to the Control Center was "is that it?", because it feels like - firstly - you should have the options everywhere you interface with Ring - and secondly it should show you everywhere that your data is being shared and let you do something about it.

The new features are available in the Ring app - update if you don't yet see them.



from Pocket-lint https://ift.tt/36SmJV5
via IFTTT

No comments:

Powered by Blogger.