The wireless security of the system is not handled by WiFi, so there is no WPA2 type security. The system has two methods of communication:
1) Remote access
2) Local access
Remote access is done by inserting commands onto our server where our hub unit calls up to every few seconds. It is not possible to 'dial in' to the WiFiLink unit to gain control of it; all communication must go via our server. If you are able to access your router/network remotely then this may be possible, however there is a security layer which is handled locally (see below) which will prevent this from being a threat.
Local control is handled by the Link unit itself having a 'white list' of known devices which are allowed local control of it. The control is given when a specific command is sent from the apps/local device and then a physical button is pressed on the Link unit itself within 12 seconds of this command. If commands are received from an unknown device, then the Link will not execute these commands.
Also, the products are undergoing active development to ensure that all reasonable security measures are in place, as we would like to ensure the LightwaveRF products are completely secure.
We would not be able to disclose any security measures with any third parties presently. This may be something we will be able to advise on next year when the current developments have been progressed further.
The product allows local control only via a white list of authorised devices. That device would need to be authenticated on the network via WiFi, or a hard wired connection, and then a physical button would need to be pressed on the hub to allow it any control. Any device which is on the local network, but has not been authorised by this physical button press at the WiFiLink would not be allowed control.
We are already in conversation with security specialists regarding communications and are developing on many projects with this in mind.
The system uses a proprietary RF protocol on multiple frequencies. The WiFiLink does not do anything based on received commands from RF aside from output them as updates for temperature devices so there would be very little benefit from doing this.