FB pixel

Eufy doorbell cameras uploading facial recognition data to the cloud without consent

Eufy doorbell cameras uploading facial recognition data to the cloud without consent

If you use Eufy security cameras, they may be sending biometric information to the cloud despite claims to “keep data local,” according to a report on 9 to 5 Google, which details an ongoing back-and-forth between the Anker brand and a security professional on social media.

Last week, on Twitter, a security researcher named Paul Moore posted proof that EufyCam’s Video Doorbell Dual cameras were uploading unencrypted facial recognition data and identity information to Eufy’s cloud servers, without permission, even when the device’s cloud functionality was disabled.

“You have some serious questions to answer, Eufy,” wrote Moore, whose profile lists him as an Information Security Consultant who “defeats behavioral biometrics.” In a series of tweets, he revealed that footage from the company’s cameras could be accessed using simple audio software, without any encryption or authentication measures. “You can remotely start a stream and watch Eufy cameras live using VLC,” Moore tweeted.

The system uploaded face biometrics to the cloud in the form of thumbnail captures, and stored that data on company servers even after it is deleted from the app, Moore said. He also worried that Eufy could link footage collected from different cameras and apps to individuals using facial recognition.

The Video Doorbell Dual, which Moore tested, has two cameras, two-way audio, and smart AI support, and includes PIR motion scans for body heat and radar detection scans for movement. Eufy’s website specifically advertises the product as being an edge computing device, independent of the cloud, and promises that “no one has access to your data but you.”

In Moore’s latest post on the matter, from November 28, he said he has spoken to Eufy’s legal department, and that he believes “it’s appropriate at this stage to give them time to investigate and take appropriate action.” He promised to “provide an update, as & when possible.”

A statement from Eufy published by Android Central seems to indicate that disabling thumbnails for push notifications from the camera prevents them from being uploaded to the cloud.

In addition to doorbell cameras and security systems, Eufy also makes biometric smart locks, robotic vacuums, baby monitors, and other smart home products.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News


New FaceTec CLO among avalanche of appointments in biometrics and fraud protection

New executives have been named by biometrics providers FaceTec, Pindrop and Fingerprint Cards, along with C-level appointments by Prove and…


Indonesia issues call for World Bank-backed digital identification project

Indonesia is looking for a company providing consulting services as a part of its upcoming digital transformation project backed by…


Affinidi data sharing framework leverages privacy-preserving open standards

Affinidi, a company specializing in data and identity management, unveiled the Affinidi Iota framework at the WeAreDevelopers World Congress. This…


Sri Lanka set for January biometric passport launch, plans airport upgrades

Sri Lanka is preparing to begin issuing biometric passports with electronic chips embedded as of January, 2025, according to a…


Vending machines with biometric age verification roll out in Germany, US

Vending machines are growing in popularity as a way to sell age-restricted products around the world, with Diebold Nixdorf algorithms…


San Francisco police hit with lawsuit over facial recognition use

In 2019, San Francisco became the first city in the U.S. to ban facial recognition technology, forcing the police and…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events