For those that want an extra layer of security around their recorded videos, Ring has announced that end-to-end encryption is now available in the UK. With this optional feature enabled, video is encrypted to limit who can view the video feed, preventing even Ring or Amazon from examining your videos.
With a regular Ring Protect account, recorded video is encrypted and stored on the cloud, but anyone with access to your account (either using your login details or through a shared account) can view your video. With end-to-end encryption, only the enrolled mobile device (your phone) can view video.
The difference comes down to how the encryption works. With end-to-end the encryption keys (used to encrypt and decrypt the video) are held on the endpoints: in this case the Ring device and your phone. Nothing in the middle can view or decrypt the video. With traditional encryption centrally-held encryption keys linked to your account are used, so anyone that logs in can view the video.
For security, Ring maintains a copy of your encryption keys, so you can restore it should you lose your phone. This key is protected by a randomly generated passphrase known only to you, which you have to take a backup of.
While this update is good news for security, end-to-end encryption is an optional feature for several reasons. First, there’s a limited set of devices that it will work with. No battery-powered devices are supported, neither are some of the older products. Supported devices include the Ring Video Doorbell Pro 2, the Doorbell Wired and Floodlight Cam. The full list of supported devices is available in Ring’s end-to-end encryption installation instructions.
The reason for this is because the devices now have to take care of encryption all the way to your phone, which adds some overhead.
Even if you have supported devices, end-to-end encryption has to be turned on for each device. This is because there’s a fairly hefty list of restrictions and features that get disabled. First, only your enrolled mobile devices can view and store video; if you change your phone then you have to enrol the new one. As the encryption keys are held on your phone, you can’t use the web interface to view videos using the web interface.
An enrolled mobile device is one that’s linked to your account. Shared users don’t count, so they’ll no longer be able to view videos.
You can no longer share videos from the app, although you can download them and do what you want with them, so this restriction shouldn’t prove to be that difficult.
While you might be able to live with these restrictions, some very useful features get disabled, too. So, with end-to-end encryption turned on, you can’t watch videos on your Echo Show, you can’t use snapshot capture, Bird’s Eye View, pre-roll, or turn on Motion Verification and People Only Mode.
If you decide to turn off end-to-end encryption, you’ll need to turn some of these features back on manually.
You might like…
Support for authentication apps
Ring is also enabling support for third-party authentication apps, such as LastPass Authenticator and Google Authenticator. With these, your phone’s app generates the two-factor code required to log onto your account; currently, Ring’s secondary authentication works by sending your phone a text message.
New transfer method
Finally, Ring has said it will launch an automated self-service process to transfer ownership of used Ring devices. When you pass on a device to someone else, all they have to do is scan the QR code and follow the on-screen instructions. The original owner will then get a pop-up message that lets them quickly remove the old device from their account.