Product name
NUKI OPENER
Summary
If the Opener is connected to a bridge, the smartphone Nuki app for an authorized user (non-admin) will open the door from anywhere in the world, whether or not remote access has been authorized for the given user.
This is a fundamentally insecure design error and leaves the system wide open to a user opening the door by mistake from another location, or even to someone unauthorized in possession of the user’s phone. It should be possible to limit the use of the app to ONLY when the phone is in physical proximity to the opener - in or near the building.
Switching off or on remote access in Nuki web for a non-admin user of the opener makes no difference at all. The remote access from anywhere remains.
I have discussed this with NUKI Support. They inform me that such a limitation is available for the Smart Lock, but not for the Opener + Bridge. So the NUKI team know how to do it. Support say that they have no information about any planned implementation for the Opener.
I am astonished that NUKI would think to leave such a hole in the security of the Opener. It is absolutely not OK!
Features
My preference for ‘Located in the building’ is that the user’s smartphone is within range and connected to the same pre-defined SSID as the bridge.
The Nuki app location function can also geo-sense that the phone is in or near the building.
Reason
We are a school. We want our teachers to open the door with the Nuki app ONLY when they are in the building, not by mistake from home or from holiday on some far away island or by someone else with the user’s phone.
We tried to work around this by unplugging the bridge and relying on Bluetooth. But that is not practical, because re-establishing the Bluetooth connection at each entry to the building is too slow and sometimes needs 3 or 4 attempts, or does not work at all.
Examples
The use case is very clear.
When the non-admin user of the app is away from the building: the Opener should present as offline (or unavailable).
When the user approaches the door with their phone: the app notifies that it has connected either via the named Wi-Fi to the Opener or that location geo-sensing has recognized where it is. The user can then open the door with the app.
Note to Jürgen Pansy, 20.5.2022: Thanks for your reply about location awareness and the suggestion to make this a feature request, but:
In the discussion forum thread ‘opener-with-bridge-a-serious-security-breach’, Jürgen Pansy says that you can turn off remote access for each user. That is the point of this feature request. Unless there is some nuance about naming the door (mine is called Porte1), which Nuki support do not know about, turning off remote access for a user has no effect. Whatever the setting for the user’s remote access, the non-admin user can open the door from anywhere.
If you have your Opener properly configured as “other Door” you can turn on/off remote access for each user individually: