Wearable security flaws revealed in study

Nearly every big name device is leaking data
Wareable is reader-powered. If you click through using links on the site, we may earn an affiliate commission. Learn more

A study into the security of wearables has shown that your fitness tracker may not be as secure as you think.

In the testing, conducted by the University of Toronto, eight of the most popular wearables were examined to see how securely they uploaded and stored data.

Research organisation Open Effect tested the Apple Watch, Basis Peak, Fitbit Charge HR, Garmin Vivosmart, Jawbone UP2, Mio Fuse, Withings Pulse O2 and the Xiaomi Mi Band, but results showed how susceptible some of the devices are to potential hackers.

Essential reading: The worrying potential of wearable data

Garmin Connect was found to transmit heart rate and movement without encryption, as was the Jawbone UP2, and executive director of Open Effect, Andrew Hilts was able to manually hack and edit his daily step count to one million.

"Potentially people could meddle with their data and say they are doing fitness events, fitness activities, even when they weren't," said Hilts.

All but one of the devices could be tracked via Bluetooth using beacons, which are increasingly being used to track consumer behaviour in malls and public spaces. Only the Apple Watch randomised its Bluetooth ID, making long term tracking near impossible.

And the study seems to already be having an effect. Withings has already issued a statement, saying it will beef up the security of its Health Mate app.

"An updated version of the Android app will be available in the coming week and will feature enhanced encryption," it said in a statement to CBC News.

Should wearables be more transparent with their privacy policies? Have your say in the comments below.

Source: CBC

WareableWearable security flaws revealed in study

How we test

Related stories