Not Completely Secure

This is How Thieves Can Bypass Verisure Home Alarm

Student Reveals Serious Security Flaws in Verisure's Home Alarm.

Ove Kaufeldt

Published 19 February 2025 - 17:04 Modified 19 February 2025 - 17:04

Verisure is one of the country's most popular home alarms with more than 500,000 users across Sweden. Now, student Joakim Öberg at Swedens Royal Institute of Technology (KTH) has examined the security of Verisure's home alarm and discovered serious vulnerabilities. This is reported by SvD Näringsliv.

By analysing how the different components of the alarm communicate wirelessly, Öberg discovered critical weaknesses in the system's radio communication. "A jamming attack on the sensors' frequency band prevents the sensors from reporting events to the central unit," he explains. This means that the alarm can be "jammed" using a jamming transmitter, a device that according to Öberg can easily be purchased online. "Anyone wanting to break in can place the transmitter outside and carry out their burglary in peace. Only when the transmitter is turned off does the alarm go off," says Öberg's supervisor Pontus Johnson, who is a professor of cybersecurity.

Öberg also identified a vulnerability in the alarm tag itself. It uses an RFID tag whose signal can be read or cloned from a distance by unauthorised persons because it lacks encryption, which would make the communication between the alarm tag and the system secure and prevent the signal from being intercepted.

Professor Johnson believes that Verisure should inform customers about the risks: "It is not secure. Verisure should replace the tag, or at least inform users to protect the tag as a valuable item, not let children have it as shown in the advertisement pictures."

Verisure has responded to SvD regarding the discovered vulnerabilities, stating among other things that “All radio-based communication, such as mobile phones and home WiFi networks, can be subject to interference to varying degrees. We have implemented several layers of protection to help detect interference attempts and have operational procedures in place to handle them appropriately."

Regarding the possibility of copying the alarm tag, the company responds that "In practice, it is very difficult to clone someone else's tag. In addition to our proactive monitoring, we encourage customers to handle their tags with care, in the same way they would handle their house keys, car keys, credit cards, or similar valuable items."