Are your eyes prying upon that smartwatch? Maybe you should postpone that smartwatch purchase if you want to keep your private data private. Smartwatches that are increasingly becoming common day by day are not smart as you think. Yes, they are susceptible to security threats!
Not many people yet are smartwatch users, but the numbers are certain to increase in the coming months and years. According to a research, in 2014, device makers shipped a total of 4.6 million smartwatches worldwide which jumped to 28.1 million in 2015.
In general, smartwatches allow you to easily access frequently used apps such as email, weather, GPS, etc. along with monitoring and maintaining your health information. These benefits of the smartwatch come with several security vulnerabilities (smartwatch dangers).
Smartwatch Security Vulnerabilities
A study conducted by HP Fortify revealed that almost all types of smartwatches having an internet connection are vulnerable to cyber-attacks. The study found that the tested smartwatches possessed significant vulnerabilities such as poor authentication, lack of encryption and privacy issues. HP said that it tested the top 10 smartwatches available in the market from an attacker’s perspective. Following are the vulnerabilities:
- Absence of Screen Lock
Out of the total smartwatches that were tested, only 50% of them offered the ability to enable a screen lock using a PIN or password. While smartphones are built with utmost security features such as passwords, fingerprint authentication technology, etc.), other connected devices are still far behind.
- Lack of Data Encryption
None of the watches were encrypted. With the help of little expertise, it was very easy to get the data.
- Insufficient User Authentication
All the tested smartwatches were paired with respective smartphones which lacked two-factor authentication. The phones also lacked the ability to lock out accounts after more than 3 password attempts were failed.
- Insecure Software/Firmware
More than 50% of the smartwatches were found to have concerns with firmware updates. The firmware updates were transmitted without encryption.
- Easily traceable
The hackers could record information of the smartwatches using hand movements to access secret information.
The various security risks that smartwatches possess are:
- Smartwatches can have just as much data as your smartphone. This is why smartwatch users are the prime targets for identity theft. Identity thieves are always looking for ways to obtain your personal information. They use this information to open accounts in your name, obtain money, or they sell the information online.
- All smartwatches collect some form of personal information such as name, address, date of birth, heart rate and other health information. If the device falls into the hands of a wrong person, then the information could easily be compromised.
- As we know that the smartwatch syncs with the smartphone, therefore the risk of data loss is huge in case a thief steals it. If a thief hacks or steals your smartwatch, it can have the same effect as losing your phone or PC.
- Losing your device is a big problem in itself, but if the criminal uses your personal information to possess your identity, then the problem becomes more serious.
Protecting Your Data and Yourself
Take the following security steps to protect your devices and your identity:
- Use unique passwords
Use a different password for every device and every account at all times . Also, never forget to change the default password.
- Encrypt your data
Encryption converts your information into secret codes, therefore, encryption is very important to protect your information. If the data is not encrypted, it could easily get compromised.
- Use strong authentication
Use a strong authentication system such as multi-factor authentication to access secret information. Multi-factor authentication consists a combination of elements to gain access such as a password, fingerprint authentication, etc. along with using multiple devices such as your smartphone. Multi-factor authentication is a great step to improve your security.
- Don’t share much data
It is always better to share as little information as possible when using devices and services. Also, never select “remember my details” option on websites and apps.
- Keep an eye on your watch
As you remember to enable security measures in your watch, similarly remember the physical security of your smartwatch. Keep your watch in a safe place whenever you are in public places such as when taking a shower at the gym.
- Double check your downloads
As you can check your email on the watch, it’s also possible to download a virus onto the device. Use your smartwatch in the same secure manner as you use your smartphone.
Smartwatches have started to become a part of our lives, but they possess such functionality that could potentially open the door to security threats. It is critical that we take precautions when transferring personal data or connecting smartwatches into open networks. If you’re thinking of buying a new smartwatch or already have one, please take a moment to make sure that you are aware of protecting your personal information.