Your Security, Our Priority: How Lockly Protects Your Data

Written By Jamie Leung

When you choose Lockly, you’re not just choosing a smart lock — you’re choosing a security partner that prioritizes privacy, transparency, and protection at every step.

In today’s connected world, digital security is just as important as physical security. That’s why we’ve built Lockly from the ground up to protect your data using industry-leading infrastructure, robust encryption, and independent testing to ensure we stay ahead of evolving threats.

Independently Tested by LRQA

To reinforce our commitment, we recently invited LRQA, a globally recognized cybersecurity assurance firm, to conduct a full-scale penetration test of our systems — including the Lockly Home and Lockly Manager mobile app sand the LocklyOS used by LocklyPRO customers and property managers.

This rigorous, multi-stage process involved:

  • Initial testing to identify potential vulnerabilities

  • Remediation efforts to strengthen protections

  • Retesting to validate that our defenses are effective

The result: Our systems demonstrated strong resilience against common mobile and web application attacks, reaffirming that your data is well protected.

Data Stored in the United States on AWS

Lockly operates on Amazon Web Services (AWS) servers located in the United States. AWS is one of the most secure and trusted cloud platforms in the world, used by leading government agencies, banks, and Fortune 500 companies.

By keeping your data within U.S. borders, we provide:

  • Compliance with U.S. data protection regulations

  • High reliability with AWS’s secure infrastructure

  • Geographic transparency — you know where your data lives

Local Storage for Biometric Data

Your fingerprint and facial recognition data never leave your device. We store this information locally, encrypted within the lock itself, so it’s never uploaded to the cloud. This ensures:

  • No risk of biometric data interception during transmission

  • No storage of sensitive biometrics on external servers

  • Full control over your most personal security credentials

128-Bit AES Encryption

All communications between Lockly devices, apps, and servers are secured with 128-bit Advanced Encryption Standard (AES) — the same level of encryption trusted by banks and government agencies worldwide. This ensures that:

  • Your data is unreadable to unauthorized parties

  • Intercepted transmissions are useless without the encryption key

  • Your lock, app, and server communication remains private and secure

Learn more about LocklyOS

LocklyOS: Secure Access Management for Professionals

For property managers, businesses, and multi-unit operators, LocklyOS offers a cloud-based, enterprise-grade platform to securely manage all your locks, users, and access permissions — from anywhere.

Built with the same robust security measures as our hardware and apps, LocklyOS ensures:

  • Encrypted communication between platform, devices, and users

  • Centralized control to manage access rights in real time

  • Role-based permissions to safeguard sensitive data

  • Audit trails and activity logs for accountability and compliance

With LocklyOS, you can confidently manage large-scale access environments knowing that both your operational data and user information are protected at every step.

Transparency Builds Trust

We believe security isn’t just about technology — it’s about trust. That’s why we:

  • Proactively test our systems with independent experts like LRQA

  • Clearly disclose where and how your data is stored

  • Continuously improve our infrastructure, applications, and platforms like LocklyOS

When you choose Lockly, you’re choosing a partner who takes data protection as seriously as you do.

Jamie Leung
Previous

Hurricane Season Preparedness for Multi-Family Properties: Smart Locks That Keep Residents Secure
Next

Smart Security for Smarter Businesses: Why the Lockly Smart Safe Is a Game-Changer for Commercial Use