The smart watch market is gaining much popularity these days as it is considered to be a gadget which is technical and fashionable at the same time. These multifunctional devices can send messages, use mobile apps, provide fitness stats, and much more – all while the person is driving or working out. Technologists have also predicted that in future, smart watches will act as the key to open door locks and access computers. With these kinds of sensitive functionalities at exposure, it becomes utmost crucial to understand the security aspects of such devices.
With this edition of ShieldCast, we aim to educate end users about the potential security risks of using smart watches and what all it takes for security testing and securing such devices.
Smart Watch Security
Since the debut of the first digital watch in 1972, the watch industry has undergone a continuous advancement. In recent years, smart watches have appeared as the most trendy wearable gadget in the market which are being used by around 141 million users worldwide. They act like extension to smartphones and are also equally vulnerable to security breaches. In a recent incident in Europe, a model of kids' smart watches were recalled due to security concerns. That said, security issues with smart watches are legitimate concerns.
Smart Watch Security Risks
The varied functions available on smart watches make it attractive for attackers who are always on the hunt to exploit vulnerabilities of these devices and gain access to user data. Let's take a look at some of the security risks associated with smart watches:
Susceptibility to unauthorized account access attacks is due to:
- Weak passwords
- Insecure password recovery mechanism
- Inability to block an account after continuous failed attempts
Bluetooth networks used by smart watches are vulnerable to attacks such as:
- Man-in-the-middle attack (MITM)
- Blue-Stumbling (forced re-pairing) and many others
User's typing activity can be detected through motion sensors on smart watches
Smart watches are not known to store data in an encrypted format, so it is possible to physically acquire data after gaining root access
Skills Required For Security Testing Of Smart Watches
To perform security testing of smart watches, a tester must possess knowledge of:
Steps To Ensure Security Of Smart Watches
Security of smart watches should not only be the concern of end users or security professionals, it should start right at the manufacturing phase and should be carried throughout the process to the end user. Let’s take a look at what is required to ensure the safety of such trendy smart wearables:
Latest Security News
We would love to hear your feedback, questions, comments and suggestions. This will help us to make us better and more useful next time.
Share your thoughts and ideas at firstname.lastname@example.org
The logos used in this post are owned by the individual companies of each logo or trademark. The logo is not authorized by, sponsored by, or associated with the trademark owner, but QASource is using the logos only for reviewing purposes. The endorsement of the used logos by QASource is neither intended nor implied.