Security Experts:

Ring Rolls Out Mandatory 2FA, New Privacy Controls

Amazon-owned home security and smart home company Ring this week announced new security and privacy features for all of its users.

Following reports of hackers accessing Ring cameras and spying on people or harassing them, the company is apparently working on addressing these issues, and has started with a CES announcement on a new Control Center for both iOS and Android.

While the Ring incidents have surfaced problems that are representative for the Internet of Things industry, the issues related to the vendor are not limited to its cameras. Last month, the Electronic Frontier Foundation (EFF) warned that the Ring doorbell Android app contained third-party trackers and was sending out lots of personally identifiable information (PII).

This week, Ring announced not only mandatory 2FA for all user accounts, which should prevent unauthorized access to accounts even if the username and password have been compromised, but also improved control over the information that is being sent out to third-parties.

With mandatory 2FA in place, when a user logs into their Ring account, a one-time six-digit code to verify the login attempt — this applies to all Shared Users on the account as well — will be sent, either via email or as a text message (SMS).

Additionally, the company says it wants to increase transparency into its data sharing practices and to offer users increased control over the information shared with third-party service providers.

“Beginning immediately, we are temporarily pausing the use of most third-party analytics services in the Ring apps and website while we work on providing users with more abilities to opt out in Control Center,” Ring says.

This spring, the company will roll out new options to allow users to further limit the sharing of information with third-party service providers.

Starting this week, new options in Control Center allow users to opt out of having their information shared with third-party services for the purpose of receiving personalized ads — although users might still see non-personalized Ring ads from time to time.

“Ring does not sell your personal information to anyone. We occasionally collaborate with third-party service providers that specialize in delivering different benefits, such as identifying and solving your problems faster when you contact Ring Community Support, providing you with personalized Ring offers and discounts, and communicating important alerts about your devices, like when your battery is low,” the company notes.

Related: Smart, or Not So Smart? What the Ring Hacks Tell Us About the Future of IoT

Related: Ring Doorbell App for Android Sends Out Loads of User Data

view counter