Our customers complained to us that the networkSecurityLevel was ZWAVE_S2_UNAUTHENTICATED after the product was added. After verifying and confirming, we found a fact: the same device, hub, and the same device handler file, after adding a device with an iPhone, the networkSecurityLevel is ZWAVE_S2_AUTHENTICATED, and the networkSecurityLevel of the device added with an Android phone is ZWAVE_S2_UNAUTHENTICATED. How can I ensure that it is always in the ZWAVE_S2_AUTHENTICATED state?
Maybe @garrett.kranz can help you
Thanks! We checked the product interface documentation, ZWAVE_S2_UNAUTHENTICATED is correct. Now I’m just confused why I can configure ZWAVE_S2_AUTHENTICATED through iPhone, it is really magical!
Do these devices utilize a QR Code for their DSK? Could you provide a model number for the device(s)?
most likely this is the cause, must be paired with the QR code scanned.
No QR Code for their DSK, the model is MP21Z.
I’m looking at this: https://products.z-wavealliance.org/products/4137?selectedFrequencyId=2
Security S2 Classes: S2 Authenticated, S2 Unauthenticated
As far as I’m aware, to be S2_Authenticated means a DSK (commonly passed to controller as QR code) must be used in some form. I’m not immediately sure why the OS the App is running on would make a difference in what Security Level the device reports as utilizing after Inclusion (unless opportunity to enter DSK is not offered), but definitely something we can look at further.
@nayelyz could you help with this?
I verified with the internal team and they agree with you, @garrett.kranz:
There are just two different levels of S2 encryption:
- Authenticated is when you have scanned a QR code or manually input a device-specific key.
- Unauthenticated is when you haven’t done that.
The instructions to connect the device to a Hub mention scanning the QR code.