150. news

How safe is your smartwatch?

July 2015

A recent study reveals that the top-selling smartwatches on the market have serious security problems. Users beware…

I remember being in primary school (circa 1998), and during one class the teacher was apparently in need of a break and decided to play the class a film. After pressing “play”, he left the classroom, entrusting that we would carefully watch the movie and behave.

At that point, a classmate pointed his wristwatch towards the TV and stopped the movie. He then changed the channels and found us all something more interesting to watch. For those few minutes, that young man was the most popular kid in the class.

You can say this was my first exposure to the precursors to today’s smartwatches. His timepiece had infrared functionality which made it capable of acting like a remote control, something which was amazing to me.

How safe is your smartwatch?

Sure enough, when the teacher returned, the wristwatch was confiscated and the culprit was sent to the principal’s office (his popularity lasted just as long too, unfortunately). And this seems to still be an issue today. Schools across the world are banning the use of smartwatches in the classroom. For one, they distract. But more obviously they can be used to cheat on exams and the like.

Alas, the innovative mind will always find a way to cheat.

But that type of "cheating” can go both ways. My story shows how a wristwatch can be used to “hack” into a television set. But what about when it goes the other way around, when the watch is the vulnerable one?

We all know by now the dangers of hacking on our personal computers. Even mobile phones are increasingly decked out with anti-virus apps. So it’s surprising that smartwatches remain vulnerable in security terms, according to a recent report. This is striking, not least because they often replicate functions that are done by our computers and mobile phones, e.g. email, online banking, etc.

According to US tech giant Hewlett-Packard, the top smartwatches on the market all have security problems. The company tested 10 wearables for their security, among them the offers by Apple, Pebble, Samsung and Sony. They were tested for features such as password protection and data encryption.

The study found all the watches had at least one problem area. And the reason could be the fierce competition and the need to get to market before all the details are sorted. Mark James, security specialist at online security firm ESET, was reported by the BBC as saying:

“Keeping up with other manufacturers to be a forerunner in this technology field may force products to be released without the necessary attention to how secure they actually are.”

The main findings of the analysis were:

  • Half the watches tested had a lock function to prevent others from gaining access
  • Nine out of the ten watches sent some data unencrypted, meaning they could be easily hacked
  • Two of the smartwatches could be easily paired with a different phone if stolen

According to the release by HP, “The results of our research were disappointing, but not surprising.” As a result, HP is keen to work with the manufacturers to “build security into their products before they put them out to market”.

With more jumping on the smartwatch bandwagon, the issue of smartwatch security will become increasingly important. On the one hand, users need to take precautions to help guard against the risk of exposing personal information. This includes doing the basics, like setting up a lock screen (or ensuring that the smartwatch that is purchased has this feature to begin with).

But manufacturers must play there role too. Consumers might not be aware that their smartwatches are vulnerable, but tech giants like Apple, with decades of experience in data security for their computers and mobile devices, surely must be aware of the problem.

Odds are, it will take a significant breach of security – something like some celebrity’s smartwatch being hacked – for the issue to go mainstream and finally be addressed. (VJ)