A provisioning process includes bringing an IoT device online and establishing a secure connection with a cloud server by, for example, transmitting a home's WiFi credentials to the device and registering the device as belonging to an installing user. Provisioning processes are known in the art, but known provisioning processes have usability weaknesses and may be vulnerable to attackers.
For example, when a known provisioning process uses WiFi or BLE with no QR code or other layer of authentication to provision the device, the device is vulnerable to an attacker registering the device who may not even be physically present in the same room as the device, but who can connect to the device first. Similarly, when a known provisioning process uses WiFi or BLE with no QR code or other layer of authentication to provision the device, a phone of the installing user is vulnerable to being tricked into connecting to an attacker's fake device and sending WiFi credentials to the attacker's fake device.
Some known provisioning processes use WiFi with a static QR code printed on the device to provision the device. However, when these processes are used, the device may be vulnerable to both the attacker who physically accesses the device before the installing user and, thus, knows the static QR code and the attacker who tricks the phone of the installing user to connect to the fake device.
Still other known provisioning processes use WiFi with a dynamic QR code to provision the device. However, when these processes are used, the user experience can be poor because a mobile application being executed on the phone of the installing user cannot provide any feedback to the installing user about the failure or success of the provisioning process during a WiFi connection process.
Furthermore, when a provisioning process uses WiFi instead of BLE to provision the device, the user experience can be poor because, when the phone of the installing user is connected to an access point of the device, the phone does not have an Internet connection during the provisioning process.
When the device is a camera, provisioning the camera securely is especially important because the camera can transmit live video of a consumer's home. Therefore, there is a continuing, ongoing need for improved systems and methods.