Shopping for the best smart home devices is about to get a bit easier for U.S. consumers as the Biden administration is preparing to unveil a new cybersecurity label to let shoppers know which ones are secure.
As reported by The Verge, Federal Communications Commission (FCC) Chair Jessica Rosenworcel revealed in a press briefing that the new label will be called the U.S. Cyber Trust Mark. These labels are expected to appear on smart home devices at both brick and mortar stores and online retailers beginning next year.
The U.S. Cyber Trust Mark will signify that a device meets the security standards established by the National Institute of Standards and Technology (NIST) established in a report it released last year. If NIST sounds familiar, this is likely because the government agency is in charge of the National Vulnerability Database, which we often link to in our stories about malicious apps and other cyberthreats.
It’s worth noting that the U.S. Cyber Trust Mark program is entirely voluntary and businesses won’t have to opt in to sell their smart home devices in the U.S. However, companies like Google, Samsung, Logitech, Amazon and Best Buy as well as trade associations like the Connectivity Standards Alliance (which created the Matter smart home standard) have already pledged their support.
U.S. Cyber Trust Mark
Once the U.S. Cyber Trust Mark program rolls out next year, it will cover a wide variety of smart home devices, including smart refrigerators, smart microwaves, smart TVs and smart thermostats. However, fitness trackers and other connected devices will also be covered.
In a press release announcing the U.S. Cyber Trust Mark, the Biden administration, provided further insight on what the program aims to achieve, saying: “The goal of the program is to provide tools for consumers to make informed decisions about the relative security of products they choose to bring into their homes.”
In addition to a label that will be added to the packaging of smart home devices, there will also be a QR code that shoppers will be able to scan once they’ve purchased such a device to verify that it is still certified after the fact. Doing so will also let them know whether or not there are any patches they need to download to protect their device against new threats.
During a Q&A session after a press briefing announcing the U.S. Cyber Trust Mark, an FCC official also revealed that the government agency is considering annual recertifications to ensure that these new certifications remain up to date.
Analysis: It's about time
While convenient, smart home devices have long remained a thorn in the side of the cybersecurity community. Unlike the best laptops or even the best phones, they don’t receive the same patches and updates once a new threat emerges.
We’ve often seen cybercriminals and other hackers leverage these unpatched vulnerabilities in their attacks and the U.S. Cyber Trust Mark program is a big step forward in trying to limit the damage that can be done by exploiting them. At the same time, the program could change the way in which Americans think about their connected devices while also providing them with a strong reminder that they need to be updated and patched accordingly to remain secure.
We still have some time until the U.S. Cyber Trust Mark begins appearing on smart home devices and we’ll likely hear more from the Biden administration and the FCC before these new labels start rolling out.