Following a U.S.-only “technical preview” that kicked off back in January, Ring announced Tuesday that users worldwide can now enable end-to-end encryption for supported Ring devices. Ring also unwrapped a pair of new security features: support for authenticator apps and CAPTCHA.
Ring users around the globe can now opt-in to video end-to-end encryption for more than a dozen cameras and doorbells. During the initial technical preview, only eight Ring devices supported end-to-end encryption.
The new list includes the Video Doorbell ProRemove non-product link and Pro 2; the Ring Video Doorbell EliteRemove non-product link and Doorbell Wired; the Spotlight Cam Wired and Cam Mount; the second-gen Stick Up Cam EliteRemove non-product link and Cam WiredRemove non-product link; the Indoor Cam; the Floodlight Cam (1st-gen), the Floodlight Cam Wired ProRemove non-product link and the Floodlight Cam Wired PlusRemove non-product link; and the third-gen Stick Up Cam Plug-InRemove non-product link.
You can activate end-to-end encryption by visiting the Control Center at Ring.com or on the Ring app.
Ring camera feeds and recorded videos are already encrypted on their way to the cloud and while they’re sitting on Ring’s servers. With end-to-end encryption, however, Ring videos are wrapped in an additional level of AES 128-bit encryption, starting locally on the camera itself and continuing all the way to a user’s iOS or Android phone, where it’s finally decrypted.
Once you enable end-to-end encryption, no third parties will be able to see your videos without the private decryption key of a public/private key pair, which is stored only on an “enrolled” phone and secured by a 10-word, auto-generated passphrase.
While end-to-end encryption will prevent strangers from snooping on your videos, enabling the extra security will also nix a few key features—namely, those that rely on in-the-cloud analysis.
For starters, those who opt into end-to-end encryption will have to do without motion verification and “people-only” mode, which leverage the cloud to detect movement and people in your video footage.
Other handy Ring features that won’t work with end-to-end encryption enabled include shared video links, the Ring event timeline, rich event notifications, and “shared” users, not to mention Pre-Roll, Bird’s Eye View, and Snapshot Capture. You also won’t be able to view your encrypted videos or live feeds on Ring.com, the Windows or Mac desktop apps for Ring, Amazon Echo Show or Fire TV devices, or any third-party devices.
Yes, that’s a lot of functionality to give up, but plenty of Ring users may figure that the extra security provided by end-to-end encryption is well worth the tradeoff—and besides, you can also disable end-to-end encryption if you wish.
Authenticator app support
Besides the worldwide rollout of end-to-end encryption, Ring is also unveiling support for authenticator apps as an option for two-step login verification.
Among the authentication apps you can use for logging into your Ring account are Google Authenticator, Twilio Authy, Microsoft Authenticator, and LastPass Authenticator.
Once you’ve enabled the use of an authenticator app from the Ring Control Center, you’ll be prompted to retrieve an authentication code from the app each time you log into your account.
Previously, Ring only offered email and text verification for two-factor authentication. Those methods of two-step verification are better than nothing, but authenticator apps are far more secure.
Another new Ring security measure may inspire a few groans. CAPTCHA, the effective but much-loathed security feature that makes you prove you’re a human by checking a box or solving annoying “visual puzzles,” is coming to the Ring and Neighbors apps.
The addition of CAPTCHA can help prevent spambots from logging into your Ring account, and if you ask us, more security is always a good thing. Still, there’s nothing fun about trying—and too often, failing—to pick out buses, bicycles, or crosswalks from a grid of tiny pictures.
Self-service device transfer
Ring had one more feature to announce Tuesday: an easier way to transfer ownership of a Ring device to a new user.
Instead of having to call customer support, the new owner of a used Ring device can now scan it during setup and follow the instructions from the Ring app. Doing so will notify the previous owner, as well as de-link the former owner’s videos and events from the device before transferring ownership to the new user.
The self-service device transfer won’t work if the product is marked as stolen, enrolled in end-to-end encryption, or is part of a Ring Protect plan.