It’s no secret that we’ve, overtime, developed a keen interest in high-tech toys like smartwatches. Strapping a touchscreen with a fancy display to our wrist is the new style statement. It gives us the ability to communicate rapidly, glance at emails, and experience important benefits in productivity and mobility.
Unsurprisingly releases like the Apple Watch have been slated to account for a major portion of overall sales in the next five years or so. These watches are driving the influx of wearable devices into the mainstream, which have grown in popularity since the introduction of the IoT (Internet of Things) concept.
Perhaps you recently bought one, and you love how it’s playing out, but there’s something important you need to know.
Your smartwatch has security vulnerabilities… just like your smartphone, and any other device that connects to the internet.
HP’s Smartwatch Security Study states that though the adoption of wearable devices is on the rise, less focus has been placed on security. They conducted manual testing on iOS and Android-based smartwatches along with the use of HP Fortify on Demand and digital tools. The results revealed that all 10 devices analyzed had significant security vulnerabilities, including privacy concerns, insufficient authentication and lack of effective encryption.
Additionally, apps also pose a threat to smartwatch security, just as they do to smartphone security. Downloading of malicious and third-party apps can make your watch vulnerable to hacking attacks. And with functionality like using the device to get into a hotel room or opening a door, it can be used for access control, which makes it a more attractive target for adversaries.
Tips to Improve the Security of Your Smartwatch
While most smartwatches are in their first-generation and it will take some time before manufacturers update their software to patch discovered security vulnerabilities, users themselves can take steps to improve the security of their device. Here’s what you can do:
1. Close Loopholes That Harm Your Privacy
Apps on your smartwatch can store personal information and can also be exploited to sneak on any data you store in cloud services. That’s why you need to take actions such as:
- Limiting the use of apps that don’t encrypt sensitive data
- Limiting the use of unsecure WiFi and Bluetooth
- Limiting the use of apps that don’t list privacy information storage specifics
Most of the apps on the smartwatch will be connected to their main versions on your smartphone, which means they can rely on the security integrated into the smartphone app. Also, avoid downloading apps from third-party sources; only download from official app stores.
2. Use Two-Factor Authentication When Possible
The HP research study highlighted user authorization and authentication issues. All smartwatches that were paired with a smartphone interface were missing two-factor authentication as well as the ability to lock a user out after 3-5 failed attempts at the right password.
30 percent of the watches were also vulnerable to account harvesting, which implies that a cyber criminal could gain access to the data on the device and the OS through a combination of tactics to exploit lack of account lockouts and weak password policies.
The best defense, apart from using strong passwords, is to activate two-factor authentication for your smartwatch when it becomes available. For example, SecSign Technologies recently announced a new generation of authentication solutions and digital identity protection to improve and simplify user login security on the Apple Watch. The world’s first two-factor authentication app offering biometric identity verification (via skin contact) has already received its first beta.
3. Update to the Latest OS
Your smartwatch is only secure as the OS on it, but malware hackers and cyber criminals are constantly looking for new ways to exploit Android OS and iOS, especially older firmwares. Security could be improved by keeping the OS updated to the latest version available.
Also, avoid doing things like jailbreaking the OS, as it voids your warranty and also puts insecure apps on your wearable device. New updates should be installed as they include patches for a variety of bugs.
You made a great investment; protect it by following the tips mentioned above and any other security tips given by the manufacturer or developers releasing the OS.
Do you have a smartwatch? How much are you concerned about privacy? Feel free to leave comments.