Q&A: Here’s how the ‘Matter’ protocol will soon reduce vulnerabilities in smart home devices – Security Boulevard
After years of competitive jockeying, the leading tech giants have agreed to embrace a brand new open-source standard – called Matter – that will allow consumers to mix and match smart home devices and platforms.
Related: The crucial role of ‘Digital Trust’
After numerous delays and course changes, the Matter protocol, is set to roll out this fall, in time for the 2022 holiday shopping season. To start, seven types of smart home devices will be capable of adopting the Matter protocol, and thus get affixed with a Matter logo.
Matter is intended to foster interoperability of smart home devices – so a homeowner can stick with just one voice assistance platform and have the freedom to choose from a wide selection of smart devices sporting the Matter logo.
What this boils down to is that a consumer living in a smart home filled with Matter devices would no longer be forced to use Amazon’s Alexa to control some devices, while having to switch to Apple’s Siri, Google’s Assistant or Samsung’s SmartThings to operate other devices. No surprise: Amazon, Google, Apple and Samsung are the biggest names on a list of 250 companies supporting the roll out of Matter.
The qualifying types of smart home devices, to start, include light bulbs and switches; smart plugs; smart locks; smart window coverings; garage door openers; thermostats; and HVAC controllers. If all goes smoothly, surveillance cams, smart doorbells and robot vacuums would soon follow.
DigiCert, the Lehi, Utah-based Certificate Authority and a supplier of services to manage Public Key Infrastructure, has been at the table helping develop the privacy and data security components of Matter. I had the chance to discuss the wider significance of Matter with Mike Nelson, DigiCert’s vice president of IoT security. Here’s what we discussed, edited for clarity and length.
LW: When a consumer sees a smart home device with a Matter logo this fall, what do you hope that conveys?
Nelson: The Matter logo represents seamless interoperability for consumers, ultimately enhancing users’ experience and control. It also represents digital trust [insert the way we are defining DT] between all compliant devices from different manufacturers.
LW: What was the core security issue that had to resolve in deriving Matter?
Nelson: The security challenges present in many smart home devices include device identity, proper authentication (user and device), confidentiality of sensitive data, and integrity of software.
The Matter specification focuses on establishing a robust immutable identity for each device and requiring all participants to use security credentials (digital certificates) that are chained to secure roots of trust. This practice ensures that only trusted devices can identify and interoperate with other Matter compliant devices.
LW: How did the alliance resolve this core security issue?
Nelson: The Matter security specification has been developed collaboratively with many industry stakeholders over the last several years. The Matter specification takes a secure-by-design approach to ensure devices can be trusted throughout their lifecycle. The security specification is a layered approach with strong, easy to implement, resilient and agile security approaches.
The security specification raises the bar for IoT security and privacy through the following approaches:
•Establishing a strong device identity so only trusted devices can join a smart home
•Secured, standard …….