Matter Product Security Certification: Key Points Explained!¶
The new Matter protocol enables interoperability among smart home devices from different manufacturers, combining interoperability, reliability, and security—a significant step forward for the industry.
Matter, based on IP protocol, allows smart home devices to work together out of the box. This means less hassle when setting up initial networks or adding devices in the future, ensuring a better user experience.
Moreover, the Matter standard employs robust, extensively tested security mechanisms to maintain information confidentiality, prevent unauthorized access, and ensure every communication is protected. For instance, Matter-certified devices have unique identities, undergo authentication before joining networks, and encrypt data to safeguard confidentiality and privacy. Detailed access control policies restrict device operations to only those actions they should perform.
Device Authentication¶
A fundamental aspect of Matter security is device authentication, a process verifying devices before sharing information. Matter devices must undergo device authentication to confirm their authenticity, prove their trustworthiness, and establish authenticated connections before sharing data with networks or other devices.
Device authentication is akin to obtaining a passport. To get a passport, we apply to a trusted government authority, which verifies our identity and issues official credentials as proof. The passport informs others (border agencies, bank officials, lawyers) of our identity, demonstrating our trustworthiness and providing a basis for accessing needed information.
Similarly, device authentication involves using official certificates issued by trusted authorities to confirm device identity and grant access. Matter's device authentication relies on Public Key Infrastructure (PKI) and utilizes X.509 certificates to verify the identities of Matter products and device suppliers. PKI and X.509 certificates have been managing internet identities and security for decades, also serving various offline applications such as electronic signatures for verifying legal and financial transactions.
Matter employs X.509 certificates for device authentication, ensuring only compliant products from legitimate device suppliers can join Matter home networks.