Security & Privacy

Matter was created with security and privacy as key design tenets and provides a baseline for building secure IoT devices. The following are key principles of Matter security.

Comprehensive

Layered approach with authentication and attestation for commissioning.
Every message protected.
Secure over-the-air firmware updates.

Strong

Single strong cryptographic suite based on well-established standards.
Passcodes and certificates used to setup secure sessions.
Device attestation to ensure authenticity.

Easy

Designed to make smart devices easier to implement and use.

Resilient

Designed to protect, detect and recover.
Distributed Compliance Ledger to enhance resiliency and scale.

Agile

Crypto-flexibility to address new developments and threats.

Matter Privacy Principles

Data privacy aims to protect consumers whose personal information is consumed and transacted. Matter embeds data privacy principles for all interactions between devices and software agents that handle personal information. For complete protection, additional support from the environment and infrastructure that Matter devices operate in is needed.

Confidentiality & Integrity

Matter uses the highest possible level of civilian cryptographic standards for network communications to ensure that unauthorized entities cannot easily access or tamper with data communicated between Matter devices

Proof of identity

Required for Matter devices with cryptographic certificates so data is shared only between known Matter entities

Open standard

Enables anyone to inspect the template for Matter interactions between legitimate Matter nodes

Minimizing data

Data shared within Matter interactions is minimized, thereby reducing the potential for inadvertent leakage of information

Defined purpose

Data shared between Matter nodes is strictly for a defined purpose, namely, for the specific operations of devices as required by the Matter protocol

Privacy preserving mechanisms

Encryption to ensure that messages or identities of communicating parties are not in cleartext on the network

Copyright 2023 Matter Handbook Authors
Built with Hugo using the Learn Theme
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, any code samples are licensed under the Apache 2.0 License.
Matter is a registered trademark of the Connectivity Standards Alliance.
All other trademarks are property of their respective owners.