Amazon Delivery

Amazon Key Security Cam Might Not Be So Secure

Amazon’s new delivery service, dubbed Amazon Key – which enables delivery agents to leave packages inside homes and apartments, and comes with a camera to ensure safety and security – can reportedly be hacked.

According to a Wired news report citing security researchers, the internet-enabled camera, dubbed Cloud Cam – which is designed to view delivery people entering the home unattended – can be easily hacked by a simple program running from a computer that is within Wi-Fi range of the camera. The software can disable and freeze the camera, so a viewer would only see a closed door even if the door is open and an unscrupulous delivery person is robbing or violating the home. In theory, this would enable a rogue delivery agent to steal from Amazon customers.

Ben Caudill, the founder of the Seattle-based security firm Rhino Security Labs, whose researchers discovered and demonstrated the Amazon Key attack, told Wired that the ease in hacking the camera counteracts a key safety feature of the Amazon security system. “The camera is very much something Amazon is relying on in pitching the security of this as a safe solution,” he told Wired. “Disabling that camera command is a pretty powerful capability when you’re talking about environments where you’re relying heavily on that being a critical safety mechanism.”

Amazon told Wired it will issue an automatic software update later in the week that will address the security vulnerability.

While Amazon is hoping to solve delivery problems with Amazon Key, the service isn’t resonating too well with its legions of customers. A SurveyMonkey poll conducted on behalf of Recode found that about 58 percent of Amazon Prime customers would definitely not buy Amazon Key – only slightly less than the 61 percent of all U.S. adults who wouldn’t buy the product. Among Prime subscribers, only 5 percent said they would definitely buy Amazon Key, while only 4 percent of all U.S. shoppers said they would. Nearly 60 percent of the respondents have Prime subscriptions.

For those who would buy the product, convenience and novelty of the device were key factors, with some even calling it “genius.” Those who would not purchase it often mentioned privacy and security concerns.



B2B APIs aren’t just for large enterprises anymore — middle-market firms and SMBs now realize their potential for enabling low-cost access to real-time payments and account data. But those capabilities are only the tip of the API iceberg, says HSBC global head of liquidity and cash management Diane Reyes. In this month’s B2B API Tracker, Reyes explains how the next wave of banking APIs could fight payments fraud and proactively alert middle-market treasurers to investment opportunities.