Homekit changes coming in iOS13

Every couple of years, Apple reveals some notable improvements to HomeKit at their annual WWDC event. With only minor changes in iOS12, this year was due for some good news. While there are various things that could use some work, such as further enhancements to automation rules and expanded device capabilities, Apple’s focus this year was to push into new territory entirely as well as to deliver some quality of life improvements. 

Apple is definitely doubling down on their push to be the bastion of consumer privacy, and so far they appear to be making good on that pledge. Not only have they focused on privacy from the ground up in their products and services, but they’ve been cracking down on third party apps that take liberties with customer data as well. This year, HomeKit (while already privacy focused) gets some big changes to help tackle some of the biggest privacy and security concerns in the smart home.

So What do we get? 

 The two big security features slated for iOS13 tackle security camera and the always worrying storage of video, and smart device security through a new and very interesting router integration. Also being tackled is the much maligned absence of multi-user support for the HomePod (which extends to Apple TV as well), which Amazon and Google have been had for some time on their respective smart speakers. Finally, the Home app gets a UI overhaul, providing better access to common device controls on a single page, and the ability to control audio/video playback from automations and scenes.

IMG_0298.PNG

Improved Accessory Controls

This one is mostly about the user interface in the Home app. The fairly basic controls for devices have been reworked to provide a more unified experience based on the device type, and place the common controls you would look for on a single page. This also applies to sensor data where multiple data values are captured by the same device, such as with the Hue Motion Sensor which has light intensity, motion, and temperature sensors.

A big improvement in this space is the new ability to control audio and video playback on HomeKit enabled media devices. Up to now we’ve been limited to play/pause using the Home app, and no ability to automate anything around playback. Now we’ll be able to include media devices in automations, with the option to play/pause/resume the content, and set the volume.

In addition the changes to the Home app, there will be a new section in Siri Shortcuts for Automations. From Shorcuts you can create automations for the Home (that all members can see), or just personal ones for your AppleID. These automations allow access to read the state from devices and send commands, which opens up a whole new level of home integration for Shortcuts which was sorely lacking.

Multiple Voices on HomePod

This adds a feature that has been on the Wish list of many since the HomePod was released; the ability for HomePod to determine who is speaking based on their voice, and use their own account content appropriately. The most obvious benefit is for music selections to be based on the preferences on the speaker, rather than the Home ‘owner’ account. But more than that, Apple confirmed that this will also apply to other iCloud features, such as Calendar, Reminders, Contacts, and so forth, enabling significant improvements to the utility of the HomePod in a family environment.  

While not specifically a HomeKit feature, the management of shared Home devices is handled through the Home app and the HomeKit platform, so we can expect to be managing the account preferences for family members through that mechanism. How well the voice identification works is still an unknown, as the beta for the HomePod software is not yet available.  

Your Own Profile on Apple TV

This one is related to the HomePod enhancements, as both the HomePod and the AppleTV are based on variants of iOS and hook into HomeKit. The natural extension of enabled multiple account support for the HomePod is to provide the same in a TV context. So like the HomePod, Apple TV will now allow users to select a profile from a new sidebar pull out, which will then tailor their Music library and TV app preferences and recommendations to their own account, similar to other streaming apps like NetFlix.  

This will become more important with the coming Apple TV+  streaming service, as household members would want to have appropriate recommendations for their own viewing interests or age group. Whether this also enables access to each person’s iTunes libraries for purchased content is unclear.

apple-tv-multi-user-support.jpeg

Secure Camera Recording

This one is huge. Connected security cameras offer numerous benefits such as smart alerting, the ability to review recorded events when away, and the ability to live stream to check on things at home. The biggest drawback to date has been the requirement for the camera maker to have access to and store your video for these features to work. 

Even the ability to send smart notifications, such as for person detection, requires the video to be analysed by a server to determine the content of the recorded event. And the fact that your videos are stored somewhere in the cloud is an ever present privacy concern. We simply can’t know what’s our camera maker’s internal policies are, how well they are enforced, and how good their security really is.  

Apple is proposing a new solution for HomeKit enabled cameras, which have had lackluster uptake due to being fairly limited in functionality to date.  With Secure camera recording in iCloud, Apple is leveraging their work with on-device machine learning to handle the notification processing locally (on your home hub, be it an Apple TV or HomePod) before encrypting the video and then sending it to iCloud. This ensures no one else can access the recorded video, as it’s encrypted with an account specific HomeKit key that Apple doesn’t have.

Storing video naturally uses quite a bit of data, and most smart camera require some sort of subscription service to cover the storage costs. Apple is offering secure camera storage for up to 10 days at no cost, it doesn’t count against your iCloud data. You get that storage for one camera on a 200GB iCloud plan, or up to five cameras on a 2TB plan. It appears that Apple isn’t limiting the use of third party cloud services as well, and warns users that the camera may be recording outside of the limits you specify in the Home app if you chose to configure a third party subscription.

Along with the secure cloud storage, we’re getting some new control options in the Home app to govern how our cameras operate. These include specifying whether to stream (live view), stream and record, just send motion notifications, or turn off the cameras when someone is home or when everyone is away. This can be done on a per-camera basis, which gives a good level of control. 

This new approach will be available to newly certified cameras, with some decent names on board to bring products to market. NetAtmo will provide support in their upcoming smart doorbell, while Eufy and Logitech have pledged to bring it to new devices in the ‘near future’.  

Secure WiFi

Apples next foray into securing your devices was a surprise: They’re adding HomeKit integration to routers. Essentially what this means is that users will be able to create routing rules for their HomeKit devices to govern what they can talk to, which is something power users could do now on any decent router. However, Apple is doing what they do best and making it simple for end users to make simple selections to perform otherwise complex technical tasks. Targeting these specific use cases makes the choice of configurations to support real actively simple, and empowers users to enhance their security beyond not what most people would even consider, let alone be able to do.

You’ll get a new Wi-Fi & Router’s section under your home configuration, where you can turn on the HomeKit security feature. You’re then able to specify the restrictions per device from a list of three options. The options go from most to least restrictive and a called Restrict to Home, Automatic, and No Restriction. 

The Restrict to Home option limits communication to other HomeKit devices and the Home Hub only. Automatic allows additional communication to internet services which are ‘approved’, and No Restriction is basically what we have now.  The restrictions address the biggest risk with smart devices, which is that they are themselves potentially exploitable. Apple’s mandated security protocols in approved HomeKit devices provides a hedge against this to some extent that other third party devices don’t have. This new approach recognises that security is hard, and low cost devices such as these are particularly prone to software flaws, especially if they are connected to a cloud service outside the home. 

By restricted their access to other HomeKit devices only, the devices are fire-walled off from the rest of your network, which prevents them being used as an attack vector to get at your personal data. A similar result can be obtained by using your router’s guest network for your connected devices, but HomeKit historically has a problem with that approach in that the devices need to be on the same network as your iPhone and home hub for them to be controllable. By providing the ability to intelligently restrict them while still providing the access Apple needs, we greatly enhance the security of the home network in an easily managed way for everyday users.

LinkSys and Eero are slated to provide initial support for HomeKit Security, as well as internet provider Charter Spectrum. Hopefully this gets more traction soon as the benefit to customers is significant as more smart devices enter the home.