Security of the InternetDoorLock is the leading concern in UpAussie’s mission to serve our customers.
Attainment of highest possible security is major concern to UpAussie and is pervasive in every aspect of the InternetDoorLock design and operation.
The UpAussie InternetDoorLock is based on TuffServer technology, which is developed according to OWASP security specifications, and has been penetration tested to ensure all known vulnerabilities have been addressed.
Your InternetDoorLock comes with 12 months free software upgrades, to ensure all new security developments are incorporated into your door. UpAussie recommends an annual service visit, to ensure the highest level of security.
TuffServer security specification
The UpAussie internetdoorlock utilises the latest version of TuffServer security, which is designed to minimise all the following security threats:
- - Your door invisibile to internet search engines.
- - Minimal fingerprint on the internet.
- - Blocking web copier threats.
- - Resilience to spider threats.
- - Resilience to crawler threats.
- - Resilience to robot threats.
- - Resilience to ping search engines.
- - Enforcement of strong passwords.
- - Captcha verification of human input.
- - IP lockout upon series of incorrect passwords.
- - User lockout upon series of incorrect passwords.
- - IP blocking of direct attacks from foreign countries.
- - Alarm generation to UpAussie customer services centre for suspicious login activites.
- - No directory browsing.
- - No metadata.
- - Encrypted communication is enforced with HTTPS protocol.
- - No unsecured HTTP communication.
- - Secure, SSL link established upon access.
- - No cross domain access.
- - No open-source or commercial apps with known vulnerabilities.
- - No frameworks.
- - Safe shutdown against DOS (Denial Of Service), DDOS, and Bruteforce attacks.
- - Designed to fail in “lock” condition, upon any successful DOS, DDOS or Bruteforce attack.
- - No forced browsing.
- - Immunity to parameter modification.
- - Session ID protection.
- - No exposed session variables.
- - Resilient to SQL injection.
- - Internal encryption of passwords.
- - Robust session management.
- - Secure cookie design with customisable life span.
- - Immunity to CSRF (cross site request forgery).
- - Idle timeout.
- - Immunity to session puzzling.
- - Protection from XXS, cross-site scripting.
- - Immunity to LDAP injection.
- - Immunity to SSI injection.
- - Immunity to XPath injection.
- - Immunity to HTTP splitting and smuggling.
- - Protection from DOM based Cross Site Scripting.
- - Protection from Clickjacking.
- - Immunity to Cross Site Flashing.
- - No websockets.
InternetDoorLock hardware specification
We use commercial grade electric door strikes. We use industrial grade power modules. We use standard off-the-shelf ARM microprocessors for software control. All cabling is compliant to Australian Standards, AS-3000.
In our testing process, we engage ethical hackers to find weaknesses in our security features, and to work with us to continuously improve the InternetDoorLock. We also communicate with Australian universities and other industry leaders to actively participate in the industry trends. On this basis, the InternetDoorLock is determined to be an industry leader in our business.
Our App is manually installed onto your personal smart-phones and devices, and manually confiruged, to minimise the risk of hacking.
Our pledge to you is, we will provide free software upgrades during the 12 month warranty period.