Authored by a Symantec employee
The popularity of smartwatches and jewelry is gaining momentum as more people discover the convenience of having the power of the internet literally in the palms of their hand, in addition to the Internet of Things (IoT) concept in the marketplace. It is estimated that 350 million wearable devices will be used globally by 2018. However, several recent studies have concluded that 100 percent of these popular wearable mobile devices contain severe susceptibilities.
Risks on Your Wrist
Smartwatches and other wearable devices act as an extension of your smartphone, giving you instant access to powerful apps, email, text messages, and the web. Since smartwatches are still in their infancy, they are prone to security breaches. A recent research study directed by Hewlett-Packard found critical security issues in the top smartwatch devices.
The most common problem was insufficient user authorization. Every smartwatch that was analyzed had a user interface that lacked two-factor authentication or the aptitude to freeze accounts after multiple failed password attempts. Thirty percent of the smartwatches tested were susceptible to account harvesting.
The study also concluded that smartwatches lack the necessary transport encryption protocols. While all of the devices utilized the SSL/TLS encryption, 40 percent of the smartwatches were vulnerable to concerns such as SSL V2 and POODLE.
The cloud-based web interfaces that 30 percent of the devices used allowed hackers to identify valid user accounts through services that enable them to reset a password.
Additionally, seven of the 10 smartwatches had issues with firmware updates, allowing data to be downloaded due to a lack of encryption.
Finally, the HP study suggested that smartphones exhibited both personal and privacy risks. All of the devices studied included some type of personal identification info. When paired with lax security, the wearer became vulnerable.
Keeping Your Wearable Watch and Jewelry Safe
While these studies might cause alarm, there are some steps you can take to protect your privacy via a smartwatch. The first step is to acknowledge that there is a threat to your personal security. It’s also important to choose substance over style. The second wave of wearables includes more sophisticated security features than the first generation. Even if you find an extremely affordable, first-generation smartwatch for sale, opt for the newest version that offers the best security amenities.
Further, do not store any critical personal information on your watch, such as your social security number, bank account numbers, credit card info, or address. If you make online purchases, do that from your laptop or tablet, not a wearable device. Also, limit the use of apps that don’t encrypt sensitive data and do not use an unsecure Bluetooth or Wi-Fi network.
Also keep on top of the latest OS available. Cyber criminals are always searching for ways to breach OS software, especially older firmware. If a new version of an OS becomes available, download it immediately for the latest security updates.
It is essential that you protect yourself from Internet threats by following the aforementioned tips. As wearable device technology gets better, protection will improve. But until then, customers should be mindful of the risks.
Disclaimers and references:
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone