Amazon Key increases security threats

by Linas Kiguolis - -

Recently Amazon has launched a brand new service called Amazon Key. Amazon Key is a delivery kit which allows couriers to deliver packages inside customers’ houses.

Amazon Key Security threat

The kit costs $249 and includes a smart-lock together with security camera launched by Amazon called Cloud Cam. Cloud Cam is supposed to be fitted inside a user’s house.[1]

After installation of the kit, Amazon Prime members are able to select in-home delivery for their purchases.

So how does in-home delivery work?

Once the delivery arrives to buyers, Amazon authorizes the purchase, which will prompt the Cloud to unlock the door and enable the Cloud Cam. Customers are able to see the delivery live or watch it later.[2]

Amazon Key also enables users to use this feature for their personal reasons, including for permanent access for relatives, friends or to give temporary access for cleaners or dog walkers.

Amazon Key offers Prime Members for professional service providers such as Merry Maids or pet sitters and walkers and more than 1,200 Amazon Home Services.

However, by launching Amazon Key, security concerns also raised.

Adam Maskatiya and Eire GM, security researchers at Kaspersky Lab commented:[3]

Amazon’s latest service—which looks set to revolutionize the delivery market—feels like a huge test of consumer trust. What makes the issue particularly dangerous is its potential reach: If a hacker can access the database of door codes, they can gain entry to a whole street’s worth of homes. That is what users need to be aware of; not how Amazon will use their information, but how hackers could potentially exploit it.

In addition, Amazon has not provided any details about IoT security evaluations that could possibly be integrated into the scheme under the general approach.

Maskatiya indicated at InfoSecurity online magazine that,

Developers of smart devices do little to secure them, rarely release firmware updates and don’t explain to users that they should change their passwords. This makes IoT devices perfect targets for cyber-criminals. By successfully hacking IoT devices, criminals are able to spy on people, blackmail them and even discreetly make them their partners in crime.

What is more, Amazon Key also increases concerns about physical security. Especially since delivery workers are not considered as a trusted group for many customers, even if they have licenses. Of course, Cloud Cam would record any illegal activity but the threat is still alive because there could be many ways to bypass the security.[4]

However, Amazon has not yet disclosed any comments on the criticism and security fears.

About the author

Linas Kiguolis
Linas Kiguolis - Senior IT developer

Linas Kiguolis is a senior IT developer and news editor at He has a major in Applied Computer Science because IT has been his passion for a very long time even before he went to college.

Contact Linas Kiguolis
About the company Esolutions


now online
Like us on Facebook