What do MOBI security protocols look like?
Easy answer: Data is encrypted on the MOBICAM, sent through another encrypted signal, sent to an encrypted server that then decodes the first encryption; then the signal looks at the information, re-encrypts it, sends a differently encrypted signal to your app, which needs to decrypt the information that has already been scrambled several times. The entire encryption process is certified and tested on international levels for safety and compliance for multiple countries. It is also constantly tested by an outside cybersecurity team to try and break it, so we can fix it.
Specific Answer: We use AES ECB-128 to encrypt data, with the intention of collecting the smallest amount of possible data from the user. The network that we transmit data to, from and through uses TLS1.2 protocol to encrypt the communications protocols. At numerous stages, we employ sophisticated static and dynamic key management (two or more codes + dynamic changing passwords).
What information does MOBI have concerning my account?
MOBI Technologies, through your registration of camera and your signup, maintains very basic information about the account. Primarily the information we store remotely will be what a user provides, such as email and phone number (if applicable), and mailing information if registration product registration is given or technical support is needed for replacements. As we don't take transactional information outside of our secure merchant platforms, this data is not stored (neither geographically or technologically) on the same platforms.
In terms of what information is provided by the camera, we maintain: nickname of device, unique production identifiers for each camera/lot/batch, if device is activated and when, last activation, if currently online, if a feature is turned on through settings, if it is bound to a user, and timezone located (but not any identifers of location past this), and if the user has linked the device to a third party service such as Amazon Alexa or Google Home/Assistant. All of these things are stored on external locations, and are not available locally to our staff for an extra layer of security.
Items we DO NOT have: any passwords (be it for the user's wifi, the user's login password, or any additional passwords created/supplied by the user), network specific information such as IP or ports, ability to view through any camera (there are no exceptions to this, we cannot view a user's camera live feed because we encrypt it away from even us), the contents of the SD card, or use the camera in any way.
What can I do to be even safer? Can I help make my camera even more secure?
Aboslutely! Despite all of the encryption we have above, there are still places that the user of our devices can help make more secure. We recommend basic security best practices so that your end of the MOBI experience is less vulnerable:
- Use strong, unique passwords for each account you have. (You can have these passwords generated for you and stored by using a password manager.)
- Never. Ever. Use the same password for multiple accounts. Passwords gleamed by hackers in data breaches will always be used on your accounts 1000s at a time.
- Change your Account Password every 2-3 months for highly sensitive accounts such as these cameras, banking, primary email, ect.
- Always change the default password given to you by any system.
- Do not share your passwords with anyone, and any password shared with a company for verification should be changed after its use. (Note: MOBI Technologies will never require you to ever give us your password. There is no way through our encryption process that any MOBI employee is able to see your password- we can only ask the system to reset it on your behalf.)