Your privacy and security are Alfred's top concerns. As such, Alfred has established strict policies and technical barriers to prevent unauthorized access to your data. With the support of top-tier cybersecurity mechanisms— W3C, Google, Android, and Amazon— Alfred is equipped with the most advanced protection. In this article, you'll find out:
- The strict policies Alfred employs to protect your data
- The cybersecurity mechanisms Alfred adopts
- Why Alfred needs permission to access certain information
- Can Alfred access my Google/Apple password
- Can Alfred see my Live feeds and videos
Here are some of the strict policies Alfred employs:
- Alfred does not have and cannot access your videos unless public agents (i.e., police) request videos as evidence through legal processes.
- Alfred implements strict internal policies for data processing. Staff granted data access rights can only perform limited operations required for service maintenance purposes.
- Alfred reviews our security measures regularly to ensure the service keeps up with the industry standard.
Here are the top-tier cybersecurity mechanisms Alfred employs:
- Alfred uses an industry-standard OAuth2 scheme for user sign-in, and no password is kept on Alfred’s server.
- Alfred uses Amazon as a third party-solution to store your Motion Detection videos. These videos are deleted in 7 or 14 days, depending on your subscription plan, automatically after being generated. Alfred will not keep any copies or records.
- The video/audio streams in live communication are encrypted by industry-standard 256-bit AES encryption. The key used to encrypt the communication is generated per session, and Alfred does not know it either.
- Alfred enforces HTTPS and the highest possible TLS level for all communications with our service backend and/or other 3rd-party service providers to prevent any possible attack known so far.
- Every request to our backend server requires an access token that is only valid for a short period. This design is compliant with the IETF specification.
- Randomized URLs protect access to the media stored on our backend server with a very short lifecycle, which significantly minimizes the possibility of being hacked.
Why does Alfred need permission for specific information? Is my information safe with Alfred?
To protect your privacy, the system will ask you for permission when you launch Alfred for the first time. Here are the permissions Alfred needs and why:
- Access to photos, media, and files: Alfred needs to save and retrieve captured videos and photos.
- Take pictures and record videos: Alfred is a home security app that receives and delivers photos and videos.
- Record audio: You can hear as well as speak to the Camera device from your Viewer device.
Please go to “Settings” on your phone and grant all the necessary permissions to run Alfred smoothly.
Can Alfred access my Google/Apple password?
If you choose "Continue with Google" or "Continue with Apple" to sign in, you will not create an account on Alfred (which means that Alfred would have no access to your password). Instead, you grant us access to the essential parts of your Google or Apple account that we need for Alfred to work. Although Google and Apple manage countless apps and set the security standards in the industry, some of you may have privacy concerns regarding Google or Apple. Alfred also allows our users to create an Alfred account with an existing email address should they wish to do so.
As a developer of a home security app, we value your privacy more than anything else, and we would do everything to protect it.
Can Alfred see my Live feeds and videos?
Please know that your Live feeds and videos are protected by the strictest cybersecurity service: Amazon, which means we do not have access to your Live feeds and videos. In other words, there is no way we can see what you see. All we can get from you are some statistics (connection quality, whether a specific feature is turned on, the device models) to help zero in on the problem. Moreover, your privacy is of our utmost concern, so information will never be used for any other purpose!
Still have questions? Let us know via the in-app “Report an Issue” channel.