Security & Protection
for TimeTec BLE-2 and i-TimeTec
TimeTec applies 4 levels of security measure to enhance the security in terms of data transfer between i-TimeTec App and TimeTec BLE-2.
Since i-TimeTec Mobile App functions as a main controller for the entire system, whereby individuals can add or manage users and access permission; the Mobile App thus requires users to login by inserting their username (valid email address) and password before using it. Additionally, the login credentials are stored and verified at the cloud server to further increase the security aspect.
Mobile Identifier (Mobile ID)
The second level of protection is Mobile ID. Basically, when users first login to i-TimeTec App, the Mobile App will subsequently capture and generate a unique ID known as mobile identifier (Mobile ID) that pairs with the user’s account. Hence, if users signs into another smartphone with the same login credential, the cloud server will in turn block the login process as it detects a change in the Mobile ID. Therefore, users will need to insert a pairing code sent by the cloud server into their registered email account, if they wish to login via a new smartphone.
Encryption On The Mobile App Command
In order to secure all traffics between TimeTec BLE-2 IoT device and the smartphone, TimeTec applies a proprietary encryption to secure all commands sent by the smartphone to TimeTec BLE-2. Inside TimeTec proprietary encryption, a 64-bit XOR Cipher algorithm is applied as the cryptographic. The XOR cipher is a type of additive cipher, whereby a string of text can be encrypted by applying the bitwise XOR operator to every character using a given key. As such, the longer the key applied, the more secure the encryption.
Secure Bluetooth Communication
Besides data encryption, TimeTec have also adjusted the Bluetooth range or Bluetooth antenna of the IoT devices to prevent unauthorized individuals from Bluesnarfing on our IoT devices. For example, if a smartphone is to be connected to a BLE door lock, the users must be within 1-2 meters from the IoT device in order for to prevent intruders from eavesdropping on the Bluetooth connection. That said, it is thus important for every user to understand the technology and the risks involved during its usage for better user experience.