Your Smartwatch May Leave You Vulnerable to Security Threats

August 11, 2016

11:06 am

How much would you pay someone to count your steps? To follow you wherever you went and tell you how many calories you were burning, even while you slept? Unless you're willing to empty your bank account and trade in your most valuable personal possessions, you may have to do without.

Fitness tracking wristbands are dominating the wearable technology scene, but new research suggests they might be making us targets for criminals.

Earlier in the year, the Stevens Institute of Technology (SIT) discovered that smart wrist accessories, such as fitness trackers and smartwatches, hold all the information a sophisticated hacker needs to break into your bank account and even into your home.

How Wearable Technology Can Give Away Your PIN

Researchers at SIT found that smart wristbands can track the movement of our hands as we enter our PIN at ATMs or in card readers. If this valuable security information is stored, they will soon become popular targets for hackers and cybercriminals wanting access to the information.

Although the study showed that it was not an easy task to hack into the wearables, it was still possible. Sensory data can be “sniffed” out by hackers and leaked through wireless networks onto other devices. In this case, the information was pulled through a number of smartphones via bluetooth.

An algorithm was then developed to predict the PIN codes for 5,000 sample four-digit combinations using the leaked sensory data. This was done through tracking the direction and distance traveled by the wearers’ hand as they entered their PIN.

Fascinatingly, they also showed how subconscious participant behaviour actually assisted the algorithm. Each combination was rounded off with a ‘final significant hand motion'. Researchers soon realised that this involuntary flourish occurred when the participant pressed ‘enter', and thus signalled the completion of the entry.

In the first attempt alone, the algorithm accurately calculated 80% of all sample PIN code combinations. After a further four attempts, the algorithm accuracy soared to 99 percent.

Are Smartwatches Threatening Your Business Security?

For SIT's researchers, the main objective was to examine the risks which wearable technology presents to personal bank security. However, their findings draw attention to a whole host of other potential security issues.

Information could be leaked from any number of devices which use push-button combinations: from relatively low risk data such as phone numbers, to high security passwords and keypad safe combinations.

The risks apply to more than data too. Employees wearing smart devices throughout their working week may regularly press entry codes throughout their building for gaining access to areas with expensive goods or equipment. As security industry specialists Carter Security point out, there are numerous benefits to using access control systems, particularly for commercial buildings. For example, if a registered set of keys is lost, replacing locks and reassigning keys across a large company can be difficult and expensive. But while access control keypads offers a convenient solution, they could also introduce new security threats.

Fitness Trackers Could Help Burglars Break Into Your Home

This year, with co-living models of property sharing becoming increasingly popular, residential security systems are also turning towards digital alternatives. The large scale, communal model of renting is greatly inspired by hotels, with many serviced apartment providers offering their residents “hotel-inspired services” and amenities.

Similarly to many commercial buildings and hotels, these co-living buildings are used by a significant number of individuals. Convenient access control systems with keyless entry methods are also a popular security measure for such companies. But, as security suppliers Banham mention, it's possible to integrate access control systems across security systems for the entire premises. If security can be compromised on one aspect of an integrated system, does that put the whole operation at risk?

If so, we may see smartcard access control systems becoming more popular alongside audio and video entry systems.

As the popularity of both co-living and smart wearable technology continues to soar, it's possible that the risk of domestic break-ins caused by smart device hacks may also be about to rise.

Did you like this article?

Get more delivered to your inbox just like it!

Sorry about that. Try these articles instead!

Simon Davies is a London based freelance writer with an interest in startup culture, issues and solutions.