Privacy and security are at the core of everything we do.


Your home embodies who and what you consider significant. Your home is a powerful part of you, and because of this, we’re committed to keeping it private and safe.

We design for privacy.

At a private residence such as an apartment, the access history of individual residents at their home remains private to that specific resident alone and is never shared with anyone, including property management. For peace of mind, residents can view access histories of their guests, property managers, and trusted services who enter their home.

In common areas, such as building entrances and amenity spaces, resident access histories are viewable only by the resident that created the access event and by property managers. Similarly, the access histories of building staff members at common areas are viewable only by the staff member and property managers. These access events are created to promote the safe and appropriate use of common spaces and to protect residents in the building.

When guests and trusted service providers are provided access by a property manager or a resident, the access history of guests throughout a property are viewable by both the resident who invited them and property management to maintain the safety of the building.

They record an access log and in some cases, a photo, when someone attempts to unlock the door.

Provides keyless and easy-to-track credentials like the Latch App and Keycard, which removes the insecurity of physical keys, which can be copied and difficult to track.

Access can be revoked without the need to wait for an integrator or locksmith.

Doors can be assigned schedules, so access is only available to people at certain times on certain days.

Two-factor authentication can be enabled for Portfolio Managers and Property Managers using Latch Manager for added account security.


Data theft and hacking are a real concern in today’s connected world. Which is why we’ve built all of our products around industry-leading security practices.

Data is encrypted in transit and at rest.

We secure sensitive data by encrypting it while in-transit and store it in an encrypted format while at rest.

Latch App, Latch Manager, Latch Cloud and internet-connected Latch devices communicate with each other via TLS 1.2.

All data in Latch Cloud, such as access permissions, access logs, access photos, and personally identifiable information, is encrypted at rest using AWS KMS with at least 128-bit AES encryption.

Data in the Latch App is secured using platform-specific best practices such as iOS Keychain and Android Keystore.

We’re always on the lookout for vulnerabilities.

Security is never complete and the team at Latch works every day to improve and enhance the way our products respond to challenges.

Latch undergoes full system penetration tests by a third party to make our products better and more secure.

We work closely with the security community to implement the latest forward-thinking security architectures and policies.

No internet required.

Our offline-first design approach means that devices do not require internet connections to unlock in the event of a network or cloud outage.

Our infrastructure runs on systems that are fault tolerant, for failures of individual servers or even entire data centers.

For the most sensitive installations, operating independently from the internet provides an extra layer of security.

Designed in a secure environment.

Multi-factor-authentication is enforced for all teams and tools where available.

Sensitive internal resources are separated from the internet via a VPN.

Staff are trained in security best practices when applicable, with training plans under continuous review for improvement.

Feedback welcome.

To report security or privacy issues that affect Latch products or web servers, please contact You may encrypt your emails to Latch using the Latch PGP Key. We will do our best to reply to reports in a timely fashion and periodically update you on our progress with respect to investigating or remediating any issues you may have identified.