Is my camera secure?
This document is intended to provide a detailed explanation of how CYVIO devices implement end-to-end protection for video and related data. Throughout the entire data lifecycle—from generation on the device, transmission over the network, to final storage—we employ multi-layer encryption and security technologies to ensure data confidentiality, integrity, and overall security.
Data Protection Overview: Three Core Security Layers
The table below outlines how your data is protected at different stages:
|
Protection Layer |
Primary Protection Goal |
Core Technical Measures |
Core Value |
|
1. Transmission Protection |
Prevent real-time video streams from being intercepted, eavesdropped on, or tampered with during network transmission. |
AES data encryption is applied to all transmitted data. |
Ensures that your live video and control commands travel through complex network environments as if within a "dedicated secure tunnel," effectively preventing man-in-the-middle attacks and unauthorized interception. |
|
2. Storage & Export Protection |
Prevent theft of locally stored files and ensure the security of video files shared outside the system. |
Local recordings are stored in encrypted form; exported video files support secondary encryption using a user-defined password. |
Even if storage media (such as an SD card) is lost, the data cannot be read. Exported video files come with a built-in "password lock," eliminating the risk of data leakage during secondary distribution. |
|
3. Device & Configuration Protection |
Prevent system intrusion through attacks on device configurations (such as passwords) and reinforce the security baseline. |
AES-256 encryption is used to protect internal device configuration data, with runtime keys and backup keys kept strictly isolated. |
Even if a device is lost or backup files are leaked, attackers are unlikely to decrypt and obtain valid system credentials, safeguarding the "last line of defense" for system access. |
Detailed Explanation of Each Protection Layer
1. Video Transmission Protection: A Secure Communication Tunnel
Scenario:
Live video captured by the camera is transmitted over the network to your CYVIO App.
Protection Mechanism:
Once connected to CYVIO cloud services, all video streams and control signaling are protected with strong encryption before being transmitted over the network. This ensures that data remains encrypted at all times while passing through routers, public internet infrastructure, and other network nodes, effectively defending against network eavesdropping and man-in-the-middle attacks.
2. Recording Storage & Export Protection: Controlled Data Assets
Local Storage:
Video recordings stored on local storage media within the device are encrypted and cannot be directly accessed or interpreted without authorization.
Secure Export:
When you need to download recordings for evidence or backup purposes, you can enable the off-device file encryption feature. The system will prompt you to set a dedicated password, which is then used to independently encrypt the exported video file.
Encrypted files can only be played using a compatible dedicated player and by entering the correct password, completely eliminating the risk of secondary data leakage during external circulation.
3. Device Configuration Protection: The Foundation of System Access
Protected Assets:
Critical information stored inside the device, including Wi-Fi credentials, administrator accounts, and system configuration data.
Protection Mechanism:
All such information is encrypted at the time it is written to the device. More importantly, the encryption keys used during device runtime are strictly separated from the encryption keys used for exported configuration backup files.
This "key isolation" design means that even if an attacker somehow obtains a configuration backup file, they still cannot directly decrypt the device's current internal configuration. This significantly increases the difficulty of attacks and safeguards the underlying security of system access.
Additional Security Measures You Can Take
Technical protections are most effective when combined with good security practices:
l Use strong passwords: Set unique, complex, high-strength passwords for your CYVIO account and device login.
l Keep systems up to date: Regularly check for and install the latest firmware updates and CYVIO App versions to receive security patches and feature enhancements.
l Enable encrypted exports: Always enable file encryption and securely remember the export password when sharing or backing up important recordings.
l Ensure physical security: Install devices in locations that are difficult to tamper with and properly safeguard storage media.
Summary
Through four core pillars—encrypted transmission, encrypted storage, privacy isolation, and hardened configuration protection—CYVIO builds a comprehensive security loop spanning from cloud to device, and from data streams to configuration files.
We believe that true security should be inherently embedded within the system architecture, silently protecting every frame of video and every access request throughout its lifecycle.