The Eufy brand was launched by its parent company, Anker Innovations, in 2011.
The company, which was once primarily a vacuum brand, is now a popular home security brand offering a variety of products and services, from cameras, baby monitors, and hard drives to weight scales, lights, smart locks, and more.
But is Eufy a safe brand? Well, the Eufy brand has some excellent offerings, but recently, there has been news disclosing serious security flaws.
Some customers report that Eufy had been uploading data to cloud servers without user permission. While this may be true, the company has since changed its stance.
Key Points
- Eufy brand is a subsidiary of the Chinese-owned Anker Innovations Company.
- The company’s home security devices focus on DIY installation and use a smartphone app for self-monitoring.
- These devices supposedly were using end-to-end encryption, but that was not consistently true.
- However, Anker assures its customers that it has since resolved the problem.
- Anker claims its devices are now end-to-end encrypted by default and uses advanced encryption algorithms to secure data transmission to users' devices.
Is Eufy a Safe Brand? Are They (Or Their Parent Company) Chinese?
As of today, when compared to other leading brands, Eufy may be one of the most secure brands available, and we’ll tell you why. This is because the recent development ensures Eufy devices store information locally and stream video through the Eufy App.
The app itself is protected by near-seamless encryptions—meaning the only way that a person could hack into your Eufy security system is by using your Eufy account information.
Primarily, the Eufy brand is a Chinese electronics manufacturer in Changsha, Hunan, China. But besides its Chinese market, Anker also runs businesses in the United Kingdom, the United States, Singapore, and Japan.
A few years after its inception, Eufy experienced some security issues, and Anker later admitted that their devices were not always encrypted—but promised to do better.
As such, today, Eufy devices pose few security or privacy concerns. So, we will give you a closer look at what caused the safety concerns and how Anker addressed its security woes.
Where Eufy Went Wrong
In the fall of 2022, Eufy was accused of lying to its customers about its cloud policies. Eufy claimed that it never uploads any footage or photos of its customers to the internet and that everything is stored locally on the devices.
However, security researchers and tech news sites discovered that Eufy was actually uploading images (video thumbnails) and video streams to its cloud servers without encryption or proper authentication.
Worse yet, users reported that it was possible to use a link from Eufy's web portal to stream video from Eufy cameras without encryption simply by using the VLC media player.
This means that anyone with the right URL could access and watch the live video feeds of Eufy customers, potentially exposing their privacy and security.
As it turns out, the Eufy Web portal wasn’t intended to support Peer-to-Peer encryption when viewing live videos. Instead, the brand relied on the users to log into the Web portal; this protection was clearly not enough. Eufy also changed its privacy policy page to remove some of its previous statements and promises.
Sadly, it took some time for Anker, the parent company of Eufy, to own up to its faults. Early denials sparked in-depth scrutiny from the media as the company tried to understate Eufy’s security imperfections.
Anker admits to Eufy camera security issues…
Later on, Anker finally admitted to Eufy camera security issues, saying that most of the allegations were true. In a protracted conversation with the Verge, Anker acknowledges that Eufy Security cams generated video streams for the web portal with no encryption.
In their argument, Anker said that their device, “the Video Doorbell Dual,” had to upload a snapshot of the user’s face (for face recognition) to make the setup of several doorbell devices easier without uploading new images.
The company also acknowledged that Eufy only uploaded images (video thumbnails) to send automated messages to users.
While there has obviously been a breach of certitude after breaking its users’ trust, the company is trying to correct its error and improve its products to satisfy the smart home community.
It is worth pointing out that this is not the first time Eufy has faced security issues. Back in 2021, there were reports of people seeing camera feeds of other Eufy App users, which could be worse than this latest security problem. Eufy blamed it on a glitch that affected only some of their products.
How Eufy Fixed Its Security Issues
Where does Eufy go from here? Anker understands the trust placed in their products to protect users and recognizes the paramount importance of security for their devices. According to the company, today:
- The connection between the user’s device and the Eufy App is end-to-end encrypted using safe P2P services. This makes it safe for users to view videos from their devices on the Eufy Secure App.
- Eufy has also focused heavily on securing user data and privacy. All videos (both live and recorded) that move from the user’s device to the Eufy App or the Eufy Web portal are secured with end-to-end encryption using RSA and AES algorithms.
- Additionally, every Eufy Security camera records, stores, and encrypts videos locally—either directly on the device or the HomeBase system.
These steps are positive and maybe essential for the development of any security brand that wants to be taken seriously.
But to further raise its security standards, Anker has implemented several measures and undertaken respective initiatives to enhance the overall security of its smart home devices. These include:
Firmware Updates
The company addresses security issues by releasing regular firmware updates to ensure that its devices remain up-to-date with the latest security protocols. These include patches for advanced encryption algorithms that function to secure data transmission between Eufy devices and users’ devices.
Two-Factor Authentication
Anker enhanced its security by applying two-factor authentication (2FA) to its products. This authentication technique makes it more difficult for attackers to get into your online accounts or personal devices with just your password.
By doing so, it guarantees that your devices’ footage and your personal data stay private and secure from unauthorized access. Even if your password gets hacked, a password only is not sufficient to pass the authentication check.
Collaboration With Security Experts
To adapt to emerging security threats and trends, the company collaborates with researchers and renowned cybersecurity experts. The partnership allows Eufy to perform a comprehensive assessment of its products, tap into the expertise of industry leaders, and implement cutting-edge security solutions.
Vulnerability Testing
Also called vulnerability assessment, this act has become increasingly vital to Eufy brand survival and strength. The brand uses this cybersecurity process to identify and evaluate the degree of weaknesses in its IT infrastructure.
By proactively seeking vulnerabilities, Eufy can remediate security vulnerabilities in operating systems and promptly address other identified security issues.
Promoting Security Awareness
Let’s admit it. The average person’s cybersecurity knowledge is, well, patchy. Most Eufy device users just don’t have the knowledge, tools, and support they need to protect themselves or their organizations.
Anker recognizes the importance of user education on cybersecurity issues. They actively promote security awareness to help employees and users understand potential cyber threats and how to identify and prevent them. The company emphasizes the need to be cautious when sharing sensitive information, the significance of regular updates, and the importance of creating strong passwords.
So, can you trust the Eufy brand?
Every so often, users hear about data leaks and cybersecurity flaws from companies that have gained user trust—this isn't new. Given the Eufy brand security concerns, the company sure has a long way to go to regain consumer trust, and though their new strategies seem promising, it will take time for that to happen.
As far as what the device uploads to the cloud, Eufy has made clear disclaimers explaining that it must upload some data on the mobile app to cloud servers whenever users enable features like video previews for push notifications.
From our point of view, this should cause no alarm, as it is pretty common even with other popular smart home security brands.
To give you peace of mind, the company has put in place new protocols and procedures for security measures. Eufy ensures all your videos are locally stored and secured with end-to-end encryption by your Eufy device.
For users with cloud storage, their data is encrypted between the AWS (Amazon Web Services) and Eufy devices. You’ll need to use Eufy software and log into your account to access your data.
Do you also face Bad Eufy Bitrate (AKA Recording Quality)? Check out this article?
Frequently Asked Questions
Is Eufy a Legit Company?
Is Eufy Still Safe?
Moreover, your videos are saved locally on your Eufy devices and encrypted with AES, which is a standard for securing data, to prevent anyone from viewing them without your permission.
Are Eufy Devices Susceptible to Hacking?
Nevertheless, the manufacturer advises users to adopt best practices for maximum security. These involve creating strong passwords and not sharing account information with anyone.
Where Does Eufy Store Data?
This way, the data stays within the customer’s home and does not require any internet connection or cloud service. For users who subscribe to the cloud storage services, their videos are securely stored in the cloud, and they can delete them anytime.
Bottom Line
A recent scandal put Eufy's brand into question after confirming that their so-called end-to-end encrypted cameras are not actually encrypted. Although this was the case, Eufy’s parent company, Anker, has taken intense measures and put in place new protocols to address the security issues raised against it.
Today, Eufy ensures all your videos are locally stored and secured with end-to-end encryption by your Eufy devices. The only way a Eufy device might become a security risk is if you share your account information.