Smart Locks – How Secure Are They?

By Myles Dacres

As with any bit of new tech, the smart lock comes with a huge list of pros and cons.

People like convenience, a smart lock means that you can check your property is locked remotely.  In conjunction with other smart devices, it means that you can see who is at your door and allow them access to your property from afar.  You don’t have to remember your keys when you leave the house or even double-check your door is locked. And of course, there are fewer bulky items wearing holes in your pockets or handbag.  Everything, including locking and unlocking your doors can now be done right from your smartphone.

Smart locks were launched commercially in 2013 and initially utilised Bluetooth to communicate with smartphones to transmit a soft key to your smart lock.  When the phone left the building the door could be locked and to unlock the door again you would simply tap the lock with your phone.  Clever stuff.  But Bluetooth has a very short range so smart locks began to use Wi-Fi technology instead.  Whilst this gives the device greater capabilities it introduces limitations such as a far shorter battery life within the lock and, of course, cyber vulnerabilities.

Smart lock software has grown to the point where you can now talk to Alexa or Siri, turn on the heating, switch your lights off or even speak to your Amazon driver and tell them where to leave your package.

Worldwide, the smart lock market is on track to reach £3.2bn in 2027, up tenfold from £310m in 2016, according to market research firm Statista.

Companies like Airbnb and Yale have been utilising this technology more and more, working in partnership they are able to manage their properties remotely.

That being said, there are also many analysts who are concerned about the level of security in these devices.

Craig Young, the researcher from Tripwire, a risk management software firm, has worked on many smart locks’ projects in the past and claimed that due to security risks he would not utilise one of these devices in his own home.

Craig’s main concern is the risk of the lock to be opened by a hacker, closely followed by a concern for reliability.  Getting locked out due to a flat phone battery or lost mobile phone would not be amusing!

“Until I’ve seen better-proven track records of reliability for the uptime of the services that are running the systems, as well as the individual components in these locks, I don’t think it’s a great idea to make your personal safety rely on these,” he says.

Another large challenge to consider is that the current battery life on average is around 6 months and can be shorter if the device utilises Wi-Fi.

We love to build automation and clever solutions into our lives and ultimately, we are working towards smart locks that know when we want to lock and unlock your door, so we have one less worry in our day to day.

If we used to think of locks as a way of keeping everyone out, Wi-Fi-enabled smart locks are instead becoming devices to lock the right people out while letting your cleaner, mum, or delivery person in.

Is this the future or are the risks too high?

Contact Us

Send us a Message

    We would like to use your contact information to send you marketing and promotional materials and special offers by email from time to time. We may only send information to you in this way with your consent. Please indicate whether you consent to us contacting you in this way for those purposes. You may withdraw your consent at any time by clicking the unsubscribe link in our emails.

    We are always happy to make contact with you by either phone, email or a face to face meeting at our office or yours. We work standard UK office hours – every week day 0830 to 1730.


    We have been receiving complaints over the last few weeks from people who have received unsolicited direct marketing calls from a company called The Protection People.  We should like to point out that we are Data Protection People and have nothing to do with those calls.

    We have been advising those people who have contacted us that they should make a complaint to the Information Commissioner’s Office (ICO) using this link  It would be helpful to the ICO if you knew the number that called you, the date and time of the call and what the call seemed to be about.

    You might also want to register your phone number with the telephone preference service (TPS), a national suppression service which should cut down calls of this nature as it is not lawful to make unsolicited direct marketing calls to numbers registered on the TPS.  You can register your number here

    We know that these kind of calls can be distressing and intrusive and you have our sympathy.  Please do not hesitate to contact us if you would like to discuss it with us otherwise we’d encourage you to report it to the ICO as notifying them of this kind of practice enables them to investigate and take enforcement action where necessary.  You can see the action that has been taken by the ICO here

    Data Protection People Limited – March 2021