How Secure Are Wearable Devices?

Wearable devices are increasingly pervasive, especially those used to monitor our activity levels. The industry has made strides to try and ensure they are as reliable as possible.

For instance, last year, a team of researchers developed a mechanism to spot the difference between fake and real activity.

Once the new system had been trained on suitably dubious behavior, it was able to identify such behavior with an accuracy of 84%.

“As healthcare providers and insurance companies rely more on activity trackers, there is an imminent need to make these systems smarter against deceptive behavior,” the authors say. “We’ve shown how to train systems to make sure data is authentic.”

Secure Data

A team from the University of Edinburgh are also working to ensure the data produced by wearable devices is secure. In a recently published paper, the team argues that vulnerabilities in wearables could significantly threaten the privacy of users.

They suggest that the communication procedures of many wearable devices have distinct security weak spots that could allow unauthorized sharing of personal data.

The authors believe such weaknesses could have a particular impact in healthcare, where vulnerabilities could result in fake health records being created. This is especially risky in private healthcare markets where premiums could be influenced by activity data.

The team analyzed two models of Fitbit and found a number of ways hackers could intercept data as it traveled between the devices and the cloud, and subsequently send false data in its stead. They even highlighted how end-to-end encryption on the devices can be circumvented by dismantling each device and modifying the information stored directly on the memory.

They provide the industry with a number of tips and guidance for improving upon these weaknesses and to ensure future devices do a better job of securing personal data. Indeed, as a direct result of the paper, Fitbit has developed a number of patches to do just that.

“Our work demonstrates that security and privacy measures implemented in popular wearable devices continue to lag behind the pace of new technology development. We welcome Fitbit’s receptiveness to our findings, their professional attitude towards understanding the vulnerabilities we identified and the timely manner in which they have improved the affected services,” the authors say.