September 22, 2014

Share Everywhere

The Very Real Concerns for Wearable Technology Security

It seems like everyone I know is wearing a fitness tracker – even I have one. It’s a great way to keep track of your workouts, and it’s certainly made my gym routine simpler. But, just like all of that other great technology that has made our lives easier, wearable technology security is a very real concern.

Namely, wearable technology makes you more vulnerable to hackers.

A recent report from Symantec (PDF) claims that many wearable devices, including FitBit, Nike+ Fuelband, and Garmin Vivofit, use unsecured wireless connections to transfer personal data from your computer and smartphone to your device and back.

Wearable devices are unique because the vulnerable information associated with them is unlike many other devices. That is to say that your address and social security number are not at risk – instead, you need to worry about exposing your weight, BPM, sleep activity, location, and even more personal things like emotive state and drinking habits.

As we’ve learned with recent data breaches, it doesn’t take much for a criminal to gather information that will expose your identity and lead to unwanted activity in your name.

With that in mind, if you have a wearable device, it’s a good idea to check this list below to see if you’re vulnerable:

  • Bluetooth devices: any wearable device that tracks your location using Bluetooth puts you at risk. It is easy to identify the strength of the signal between the device and say, your phone, and then pinpoint your exact location.
  • Password protection: many devices do not encrypt password data. This is worrisome because people often use the same or similar passwords for different services, and if it is easy for a hacker to uncover one password, they may gain access to other accounts.
  • Privacy policies: Symantec found that only half of the apps they investigated had privacy policies that users could view and agree to. It’s unclear if this means that the other half of apps have no privacy policy – but it’s better to be safe than sorry.

At this point, there haven’t been many developments in the security protocol of these apps and devices. Disheartening, I know, but I have no doubt that these companies are hard at work making their devices safer. I certainly don’t want to stop using mine, so I’m going to be sure to update my password to something unique. And, as always, we should all be careful about the information we share on social media via our fitness trackers.

In the meantime, we will continue to provide you with personal data security tips and updates; check back next week when we take a look at the security of the Nest thermostat.

Image courtesy of Flickr user Kazuhiro Keino.

David Rabinovitz

Identity Protection Consultant at IdentityForce
David is aligned closely with c-level principals and provides them with coaching services focused on strategy, finance, ownership, deal structuring, and shareholder relationships, which led him to join one of his high-growth clients as their CFO. As a high-energy executive with a wealth of experience, David is a versatile corporate “fireman” who skills are often sought after to assess and resolve complex business challenges, as he brings critical insight for business leaders in transition.He is also a long-standing Special Crew Volunteer for Pan-Mass Challenge, an annual cycling fundraiser that strives to provide Dana-Farber's doctors and researchers the necessary resources to discover cures for all types of cancer.