Wearable Devices: Are They Secure?

Wearable devices like smart watches, fitness tracking bands, smart glasses and hands free headsets have become easy to sync with smartphones and other devices and applications to help users feel more organized, connected and up-to-date. However, the increasing amount of personal information that wearables contain poses a significant security risk.

Wearable devices can contain personal information such as location, health metrics, and credit card information (Apple/ Android/Samsung Pay). This type of information is potentially dangerous when stored on wearable technology because the more devices and apps the user syncs to it, the less secure your data is, and the more accessible the data is to cybercriminals. Most wearable technology also uses insecure wireless connectivity such as Bluetooth or Near-Field Communication (NFC). Each type of wireless connection acts as a different access point of entry into the user’s private life.

Two fairly recent breaches include the popular apps Facebook and MyFitnessPal. Thousands of users’ phone numbers, emails and passwords were harvested and used to uncover personal identities of the application users. By agreeing to the terms of any agreement to sync data with different devices without fully reading it, users may be agreeing to give the application access to their personal email and other private information without realizing it. It’s important to actively stay up to date on any agreements presented before syncing different personal data together. Syncing various devices together through outside applications increases risk and acts as an easily-accessible “door” into a user’s otherwise confidential life.

How to secure your wearable devices:

  1. Be aware of the potential risks wearable devices with low security measures present.
  2. Diligently read all user agreements before syncing data to outside applications.
  3. Use different credentials for all of your accounts.
  4. Be aware of your surroundings: free wireless connectivity doesn’t mean the connection is safe, secure, or private.
  5. Change your settings on all wearable devices to require a password to gain access.

If you suspect your information has been breached, immediately change all account passwords and notify the appropriate parties, such as financial institutions and local law enforcement to watch for suspicious activity. Also, be sure to file a complaint with IC3.gov. No data breach is too small to ignore. Take action!

IACP Conference