How do smart refrigerators work?

Smart refrigerators are usually connected to the Internet and with other smart home devices so that the user can use the full range of functions. Some smart refrigerators can be controlled via smartphone using an associated app, and built-in cameras allow the user to see which foods are in the refrigerator and which need to be replenished. Depending on the setting, the refrigerator uses the built-in camera to take a "snapshot", e.g. when the refrigerator door is closed, and sends this to the smartphone app. Some devices with a camera can even recognize which foods are stored inside and mark them as "in stock". In addition, some refrigerators store the best-before date and suggest recipes via app with the foods that are about to expire.

Smart refrigerators often have a built-in touch display that can be used to call up a variety of information, such as the food in the refrigerator. In addition, photos, notes, appointments or shopping lists can be virtually pinned on the display and shared between family members. Some devices also offer the function of integration into a home entertainment system, so that it is possible, for example, to transfer series, videos or music from a TV, smartphone or PC to the touch display of the smart refrigerator. The information to enable the special function is either stored on the device or can be retrieved by networking the device. The use of a smart refrigerator is usually accompanied by the use of a cloud infrastructure of the manufacturer, which is not always obvious at first glance.

Before buying a smart refrigerator

Before buying a smart refrigerator, buyers should think carefully and weigh up which functionalities of a (smart) refrigerator they absolutely need, what data could be generated as a result (e.g. through networking with other devices and connection to the Internet) and whether the benefits justify the associated potential security risks. Poorly secured smart home devices can be an entry point for attackers and thus inadvertently become attackers themselves. To do this, cybercriminals infect the devices with malware and connect them to form a so-called "botnet", which is used to carry out attacks on other IT systems, e.g. critical infrastructures. These attacks can lead to important services for the general public no longer being available or accessible because the associated IT systems are overloaded, causing the service such as an online shop to fail. The refrigerators unintentionally become tools for cybercriminals and carry out cyberattacks on other IT systems without their owner’s knowledge.

These questions, among others, can help you decide on a secure device:

• Updates often close security gaps before cybercriminals can exploit them. Therefore, you should ask how long security updates will be provided by the manufacturer for the device.
• Does the refrigerator have cameras, microphones or sensors that can collect personal data?
• What data is collected? What information, e.g. about one's own shopping and eating habits (including health restrictions), can be derived from it?
• What happens to the collected data? Where is it stored (locally on the device or in a cloud?) and who has access to it?
• In the case of cloud storage: Where are the cloud operator's servers located? What legal requirements does the cloud operator have to comply with?
• Are additional components, such as an accompanying smartphone app, necessary for using the device?
• What access rights does the app require and what data does it collect or transmit? Is data shared with other apps?
• What security functionalities does the app offer and how well is the transmission of data between the refrigerator and the app appear secured (e.g., via TLS)?
• Have relevant professional institutes tested the device? Does it bear appropriate seals of approval?

In this way, you can use your smart refrigerator as securely as possible:

• If offline use of the refrigerator is not desired or not possible and networking of the device is essential, a separate domestic (W)LAN such as a guest network should be set up for the device. Tips on how to set up your WLAN and router securely can be found here.
• Pay attention to connected devices such as smartphones and routers. They should also receive regular security updates, have firewalls enabled and use strong passwords.
• Make sure that the automatic update mechanism of the refrigerator software and the associated smartphone app is activated and that (security) updates from the manufacturer are applied automatically.
• Be careful with public WLAN networks, for example at airports or in hotels, when accessing the refrigerator while on the road. Using a VPN connection can help to encrypt data before transmission.
• Secure your mobile device running the associated apps for controlling the devices and preferably use apps that use encrypted data transmission (e.g. via TLS).
• Pay attention to whether or which personal information built-in cameras, microphones or sensors could record and, if necessary, take appropriate measures or (rights) restrictions.