The security of the network and Hotspot owners is of the utmost importance to us. While the Internet connection is necessary, it is only used to provide backhaul to the Hotspot for blockchain peer-to-peer and LongFi networking. As security concerns are ever present, here is what we have done, and are doing, to combat potential risks:
- The most common attack vector to get into a device like the Hotspot is inbound ports. The Helium Hotspot only requires one port open in both directions - TCP Port 44158. All other inbound ports can be secured behind a firewall per your personal security needs.
- Helium-enabled LoRaWAN devices are hardware-secured to protect the traffic from the utilized spectrum. This means the security is built-in since devices using the network have AES private key encryption at the chip level.
- All approved Helium Hotspots comply with the relevant radio and wireless regulations in the country or region where they are deployed. For example, Hotspots in the US comply with FCC regulations for operating in the unlicensed 902-928MHz spectrum, the CE mark for the European 868MHz spectrum, etc.
- Expected bandwidth utilized by devices is 1-5kb/s (about the size of a long text message) and devices communicate with the Hotspot over LongFi, not IP (Internet Protocol).
- While very inexpensive to use, the Helium network is not free. Any transaction requires data credits. This is inherently a deterrent for potential scammers.
- Helium wallets (included within the Helium App) use asymmetric keys to keep your private key secure.
We will be diligent in our approach to maintaining and improving all aspects of the network’s security to help ensure that you, The People who constitute The People’s Network, can continue to help define a new era of IoT.