QASource Newsletter

QASource Blog Smart Watch Security: Shieldcast - Winter 2019

Smart Watch Security: Shieldcast - Winter 2019

Smart Watch Security Risks

The varied functions available on smart watches make it attractive for attackers who are always on the hunt to exploit vulnerabilities of these devices and gain access to user data. Let's take a look at some of the security risks associated with smart watches:

Smart Watch Security Risks
  • Susceptibility to unauthorized account access attacks is due to:

    • Weak passwords
    • Insecure password recovery mechanism
    • Inability to block an account after continuous failed attempts
  • Bluetooth networks used by smart watches are vulnerable to attacks such as:

    • Man-in-the-middle attack (MITM)
    • Blue-Stumbling (forced re-pairing) and many others
  • User's typing activity can be detected through motion sensors on smart watches

  • Smart watches are not known to store data in an encrypted format, so it is possible to physically acquire data after gaining root access

Skills Required For Security Testing Of Smart Watches

To perform security testing of smart watches, a tester must possess knowledge of:

Skills Required For Security Testing Of Smart Watches

Steps To Ensure Security Of Smart Watches

Security of smart watches should not only be the concern of end users or security professionals, it should start right at the manufacturing phase and should be carried throughout the process to the end user. Let’s take a look at what is required to ensure the safety of such trendy smart wearables:

Steps To Ensure Security Of Smart Watches
Suggestions

Suggestions?

We would love to hear your feedback, questions, comments and suggestions. This will help us to make us better and more useful next time.
Share your thoughts and ideas at knowledgecenter@qasource.com

Disclaimer

This publication is for informational purposes only and nothing contained in it should be considered legal advice. We expressly disclaim any warranty or responsibility for damages arising out of this information and encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.