How secure is your smart TV?

Updates are important for keeping your smart TV running smoothly and making it secure, but some brands aren't supporting TVs for nearly long enough
Martin Pratt
Smart TV showing an update screen

We keep our TVs for close to a decade, so it's fair to expect TV manufacturers to keep them ticking over with important feature and security updates for a good period of time. 

Unfortunately, TV brands are falling well short when it comes to support periods. But what happens when the manufacturer stops supporting them?

Any device connected to your home network can give hackers access to a wealth of sensitive data if it isn't kept up to date with security patches. With just about every TV sold in the last six years being smart, there's a good chance you've got one and it could be out of date.

We reached out to the biggest brands in TVs, including LG, Samsung, Panasonic and Sony, to see how long they supported their TVs.

Top TVs for 2022 - the very best of the TVs we've tested

Which brands have the best security update policies?

You'd expect an expensive, shiny new TV that you keep for many years to go the distance when it comes to getting updates from the manufacturer, but sadly this isn't often the case. As you can see from the responses below, some key brands are falling seriously short.

  • Hisense - China's biggest TV brand supports its TVs for an impressive eight years from launch. Most people keep their TVs for between seven and 10 years, so this is a decent policy.
  • Sony - along with Hisense, Sony offers the longest support period of eight years. Some people will keep a TV for longer than this, but it's in line with what we consider the lifetime of a TV.
  • Panasonic - with a five year support period, Panasonic patches its TVs for longer than LG and Samsung, but it's still not what we'd consider to be enough.
  • LG - despite being one of the leading TV brands, LG only supports its TVs for two years. It did tell us that TVs may get up to five years for critical security vulnerabilities, but that's disconcertingly vague.
  • Samsung - it's the biggest TV brand in the world, but according to Samsung's website 'most TVs will get updates with new features for about two years'. Not nearly good enough.
  • Philips - it's a household name, but Philips didn't get back to our request for software support information.
  • TCL - a leading brand in the US, TCL is making a name for itself in the UK, too, but it didn't respond to our questions.
  • Toshiba - it tends to make cheaper TVs than leading brands, but we don't know how long it supports them for because it didn't respond to our request for comment.

We know people keep their TVs for between seven and 10 years – which means only Hisense and Sony get close to supporting sets for what might be considered a typical lifespan. LG and Samsung, as the biggest brands, fall alarmingly short, with Samsung's two years of updates particularly poor.

Several manufacturers begin their support period from the launch of the TV, which is a cause for concern in some areas, but less so with TVs. Since they only stay on sale for around 18 months, most people buy their TV close to the launch of a TV and will get the full term of software support. It's a different story with other smart areas, such as appliances which can remain on sale for five years or more. In these cases the launch window is huge and when you make your purchase, you could find you have very little support left.

Woman taking new TV out of its box

What are the risks of an insecure smart TV?

Your home network is only as strong as its weakest link and with dozens of items connected to your router there are plenty of areas for a hacker to attack.

If your TV isn't secure it could allow a hacker access to your router and if that's compromised then anything else on your network could be at risk. The TV isn't exactly devoid of personal data though. App and wi-fi login data, as well as card details in some cases if you've rented a film or signed up for an app through your TV, are at risk if your TV is insecure.

Hackers can hijack a TV to display their own content and they can do far worse than force you to watch Keeping up with the Kardashians over and over. They could put up fake versions of app login screens to trick you into entering your card details and steal your information.

We proved just how a cybercriminal could hack big-brand smart devices, including a Philips smart TV, in our investigation into easily hackable smart tech.

Tech tips you can trust – get our free Tech newsletter for advice, news, deals and stuff the manuals don’t tell you

How can I make a smart TV more secure?

  1. If your TV is still in its support period then you need to make sure you're getting each new patch. Check in your settings to see if automatic updates is turned on. You can check for new updates here, too.
  2. Some TVs have passwords to access certain features of the TV and you should change this from the default. We were able to hack that Philips 32PHS6605 smart TV because we were easily able to guess the default password. Once through the flimsy security we could access all the data on the TV and display anything we wanted on the screen.
  3. Buying a new TV when the patches stop coming in isn't realistic. TVs are expensive, but TV streamers aren't. If you're concerned, you could disconnect your TV from the internet and invest in a cheap TV streamer (we've tested several Best Buys cost around £40 or £50). They will have the same apps as your TV did and you can buy an up to date one that's still receiving security patches.
  4. Overall, if you're using an older TV, keep your eyes open for anything out of the ordinary. TVs aren't heavily targeted by cybercriminals, but being generally wary of unusual requests for personal data is good practice when using any type of internet-connected device.

Read our reviews of top rated TV streamers with all the apps you need

How Which? tests for security issues on smart TVs

As part of our in-depth TV tests, we focus on what TVs are doing with your data, checking to see if every kernel of it is encrypted on its journey to servers. If the data is adequately encrypted then even if a hacker did manage to look at it, it would be indecipherable jargon.

We note the encryption standards being used to make sure they are strong enough.

Where the data is going is important, too. We check the IP addresses for the destinations and flag any suspicious activity.

Better security standards for smart devices on the way

Issues around security and smart devices goes a lot further than TVs, but hopefully the situation could be about to change. The UK government has now introduced the Product Security and Telecommunications Infrastructure (PSTI) Bill, which looks to create a minimum security standard for smart devices and give regulators the power to fine companies that don't meet this.

Which? was instrumental in helping shape this bill and is happy with a lot of what's included, but is pushing for more in three key areas.

  • Online marketplaces - our research has found that many smart devices are sold through online marketplaces. The bill should cover smart devices wherever they are purchased, not just well-known retailers.
  • Minimum update support periods - the bill will force brands to say how long they will support devices for, but we think brands should be required to support their smart products for a minimum amount of time. What that time should be could differ depending on the type of device, but a minimum would help people use their products safely for longer.
  • Consumer rights - If someone owns an insecure smart device, they should be able to argue that it is faulty and then get a refund or replacement under the Consumer Rights Act 2015. This could be clearer in the bill to make sure peoples rights are protected.

Read more about security and smart devices, to find out how to keep your smart home safe from hackers. 

More on this

Related articles

More on this

Related articles