Personal Security 

Critics Say Echo Show’s Drop-In feature is a security risk… But Amazon Disagrees.

The New Echo Show’s controversial feature, “Drop-In”, allows two people who have the same device to make calls to one another, and have those calls automatically connected, without the need for the receiver of the phone call to “answer”.  Hence the term created for it: “Dropping In”.  Imagine your mother-in-law just “dropping in”.  Or worse.

Amazon introduced it with the newest line of Echo’s (The Echo Show) and will be applying it to older Echo devices this week as a promotion of it’s new intercom features. Critics questioned the feature when it was initially rolled out with the free Echo calling feature back in May, but with the Show arriving later this week, privacy and security concerns are back with a vengeance.

It’s an odd feature choice seeing as Amazon has already received flak for it’s “always-on” microphones in the original Echo — althoguh this time Amazon has gone to great lengths to assure everyone that this is an entirely “opt-in” feature, and it can only work if both parties have enabled it.

Amazon reiterated that point in a statement provided to TechCrunch, adding, “Customers will know when they are engaged in a Drop-In call as they will first hear a ‘chime,’ and the green light ring on their Echo device will rotate throughout the call. On Echo Show devices, the caller will experience a 10-second ‘frosted glass’ screen when dropping in on an approved contact or room, so the call recipient can decline the Drop In in that timeframe before they are shown on the screen.”

The targeted audience for this feature is primarily adults wanting to check in on their elderly relatives or use it as a baby monitor.  Having the audio-visual warnings prior to call connection is good too as it makes it impossible for an average user to use it stealthily or unwittingly.  But even with the “frosted glass” that partially obscures the screen for the first 10 seconds, it’s easy to imagine a scenario where the user on the other end is out of the room when a Drop-In is initiated or otherwise doesn’t notice that first chime.

While many people praise the new intercom, hands-free and built-in camera features, it was only a matter of time before others would raise major privacy concerns.

And what about hackers?  Like any successful company, Amazon isn’t about to reveal how the server side of technology like “Drop-In” works.   Companies often protect their secret formulas like that, partially to keep hackers at bay — which may go a ways toward explaining why it took so long for the company to issue an official response to earlier questions about what the Echo records and uploads to its servers.

It’s a balancing act.  On the one hand companies like Amazon have to protect their interests and consumers by not revealing how their technology works.  But on the other hand customers need to be reassured that their privacy is not being breached.

“We take security very seriously at Amazon, and Alexa calling and messaging is no different,” the company tells TechCrunch. “The new Drop-In feature leverages the same security measures used in other Alexa features available on Echo devices. We limit the information we disclose about specific security measures we take, but I can tell you that — just like other calling and messaging services- –Alexa calling and messaging is encrypted in transit to protect our customers. Further, we have full teams dedicated to ensuring the safety and security of our Alexa customers who regularly conduct security reviews of our products and features.”

Amazon was also quick to point out a “mute button” at the top of the device, which, when hit, would disable both the mic and the camera.  However, it would mean having to train oneself to hit the button every time one was getting dressed or during any other private moment they didn’t want to risk having uploaded to Amazon’s servers.

We’d suggest using that button generously.  In fact, it may be a good idea to disable such a feature all together.  If yours should get hacked in any way or viewed by the wrong person, you’re basically broadcasting a Truman-Show-esque view of your home out into the world.  The only way to top it might be with a big neon sign on your roof that flashes “Rob This House”.

Pin It

Related posts