Security - 256 bit end-to-end encryption
When it comes to devices that can open and monitor your gates and doors, security is extremely important, that's why we have put so much thought and effort into Remootio's security. Independently from whether you use Bluetooth or WiFi, Remootio uses 256 bit authenticated end-to-end encryption between your smartphone and the Remootio device.
From the Remootio app you have full control over how your smartphone connects to your Remootio device. You can choose from three options:
Bluetooth: in this mode Remootio only uses its Bluetooth module. No data goes through your WiFi network in this mode. On top of the standard Bluetooth security, the authenticated 256 bit end-to-end encryption ensures security in this mode.
Home WiFi: in this mode Remootio only uses its WiFi module without Bluetooth. No data goes through the internet. All data remains within your home WiFi network. The authenticated 256 bit end-to-end encryption also ensures security in this mode.
Internet: in this mode Remootio is connected to the internet via WiFi. On top of the industry standard SSL connection, the authenticated 256 bit end-to-end encryption guarantees security in this mode. We have created a one-click-setup-environment for setting up the internet connectivity (recommended for most users), but if you are an experienced user you can also define the internet address of your device in the App to setup a peer-to-peer connection.
Keys are generated during setup and are only stored on your smartphone and the Remootio device itself. Your keys are not stored anywhere else. Even the setup process is protected against hackers trying to get your virtual keys as it uses the highly secure, state-of-the-art Ephemeral Elliptic Curve Diffie-Hellman key exchange method, which together with the additional certificate validation and digital signature scheme, is resistant to eavesdropping, man-in-the-middle and other attacks. Remootio, unlike other gate controllers, is not cloud-based , so your security does not depend on a third party (such as a cloud service provider)
Any time your smartphone sends a request to the Remootio device, it sends a unique mathematical problem back to the smartphone which it can only solve using the key the two devices agreed on during setup. Since this mathematical problem is always different, signals for two opening cycles are never the same, therefore Remootio is protected against replay attacks . (It means that even if a hacker eavesdrops the communication between your smartphone and the Remootio device, and replays it to the Remootio device, the hacker won't be able to open your gates)