Can you really crack the Kwikset Kevo?
The CNET Appliances team investigates a potential security flaw in Kwikset's new smart lock.
In my review of the
Of course, the Kevo is really two products in one. On the outside, you've got UniKey's Kevo technology: a Bluetooth-powered, touch-friendly smart casing for a lock. On the inside, you've got the lock itself: Kwikset's SmartKey deadbolt. Because we're not professional locksmiths here in the CNET lab, it's our policy to rely on certified organizations that are equipped to test how well a bolt stands up to thieves.
Underwriters Laboratories (UL) tests how resistant locks are to picking, and the SmartKey deadbolt specifically earns the highest UL rank: essentially pick-proof (it's bump-proof too, since it doesn't use a classic pin and tumbler design). As for the strength of the lock, the American National Standards Institute (ANSI) and the Builders Hardware Manufacturers Association (BHMA) grade the SmartKey deadbolt used in the Kevo, model 925, at Grade 2. It's not the best score, but Grade 2 is still a good score, one that's supposed to mean that the lock can stand up to a whole lot of abuse and still remain unbroken.
As it turns out, many of you weren't nearly as convinced.
Kwikset's YouTube problem
That might have been because you had seen the videos that investigative attorney Marc Weber Tobias of BrickHouse Security has uploaded to YouTube. One of Kwikset's most vocal critics, Tobias recently told WIRED that the SmartKey deadbolt can be broken into with a minimal amount of time, force, or expertise. The most glaring vulnerability involves a method where a piece of a particular type of blank key is jammed into the lock with a screwdriver and a hammer. Then, using a wrench, the screwdriver is turned, opening the lock in mere seconds.
The video uses a model 980 SmartKey deadbolt, which is similar to but not the same as the 925 that the Kevo uses. We spoke with the engineers at Kwikset, and they claimed that security upgrades in the 925 would prevent many of these kinds of attacks. They also point out that Tobias and his team are experts at breaking into locks, and that the screwdriver attack isn't nearly as easy to pull off as the video would have you think.
We wanted to get to the bottom of this. Was the Kevo's SmartKey deadbolt really vulnerable to such a simple technique? If so, would a wannabe burglar with minimal experience really be able to mimic the video and open the lock? Or, was the 925 enough of an upgrade from the 980 to block these kinds of attacks?
Putting the Kevo to the test
After acquiring a few more Kevo deadbolts and installing them on our test floor, we set out to try and break our way past them. We spoke to Tobias, and he was willing to share the specific hardware necessary for the attack to work. His video doesn't reveal these details, and for the safety of those who already own the lock, neither will we.
For our first attempt, we used tools similar to what you'll see in the video, but not exactly the same. Our goal was to see if the technique was so simple that even an imprecise, unskilled thief could pull it off. I played the role of this particular burglar, since I have little to no experience breaking and entering.
I inserted the sawed-off bit of blank, then jammed a screwdriver in behind it. Using a basic pair of pliers, I gripped the screwdriver and forced it to rotate, mangling the face of the lock in the process. The screwdriver turned, but the lock didn't open. My attempt had failed. Score 1 for the Kevo.
Next up was Steve, one of our technical editors. Aside from being naturally handy and experienced with locks, Steve was equipped with identical tools to what you'll see used on YouTube. We wanted this to be an intermediate challenge for the lock -- still not a professional, but a skilled amateur: akin to a thief who had jimmied a few locks open in his time, and who had studied the Tobias video carefully in order to try out this technique.
Steve slipped the blank into the lock, then hammered the screwdriver in behind it. He clamped down his tension wrench and began jimmying the lock. Again, this mangled the keyhole, and this time, after about four minutes...the lock turned. Steve had broken his way in on his first attempt, after only watching the video a few times.
For our final test, we brought in Chris Lind, of Bob Cook Locksmiths in Louisville, KY. After telling us that the weaknesses of the SmartKey deadbolt are well known throughout his trade, Chris demonstrated how a professional would execute Tobias' method. With a fresh, new Kevo installed in our test door, and using the same tools that Steve had used, Chris forced the deadbolt open in about 30 seconds, and did it without causing any visible damage to the front of the lock. It may be true that locksmiths can force their way into just about any lock, but according to Chris, the SmartKey deadbolt is the only one that he'd be able to break into using this method, due to the unique horizontal slider that it uses in place of a pin and tumbler setup.
A deadbolt defeated?
Given this clear security flaw, I'm not sure that I'd still recommend the Kevo, and I've updated
The important takeaway with the Kevo is that you need to understand what you're paying for. It isn't a more secure lock than the average deadbolt -- it's a more convenient one. Touching your way inside and using your smartphone as an eKey are especially nice features, but they don't make the lock any safer. The same can be said of the SmartKey deadbolt's re-keying feature, which allows you to alter the lock to fit a new key in a matter of seconds. It'll save you from spending over $100 to have a locksmith re-key the lock for you, and it's a great feature, but not one that's designed to make the lock inherently more secure.
We spoke with the engineering team at Kwikset again following our tests, and despite their rather surprising claim that they've been unable to successfully replicate Tobias' screwdriver attack in their own testing, they reassured us that the security of their locks is of the utmost importance. "We're very confident in the SmartKey cylinder's security," said Kwikset's VP of Marketing Marty Hoffmann, citing the fact that the SmartKey deadbolt protects against covert entry methods such as picking and bumping. As for forced entry methods, he also pointed out that all locks have vulnerabilities to the kinds of techniques that show visible signs and may be loud in their method of attack.
"I would tell you that I have that cylinder on my home," Hoffmann said. "I have two baby girls, and I can sleep well at night knowing that I feel I have the best residential lockset on the marketplace."