A recent study by Trend Micro has revealed that all the notable smartwatches including the Apple Watch, Pebble and the Android Wear-based watches (Moto 360, LG G Watch, Sony Smartwatch, Samsung Gear Live, Asus Zenwatch) come with serious security and privacy concerns.
The researchers tested the smartwatches in three areas: device protection, data connection and local storage. The devices were monitored with only the preinstalled apps on them (i.e. no third-party apps), and with the latest OS version.
Physical device protection was poor on all watches, with authentication not enabled by default on any of them. In case of Android Wear watches or the Pebble – when connected to an Android smartphone – the phone treats smartwatch as a trusted device and can be unlocked by it. So in case you lose both the devices together, your phone can be unlocked with just a couple of taps on the paired watch.
What’s even more alarming, all devices tested had local copies of the data, so the thief can have the access to all the synced data. This was particularly true in case of the Apple watch, and in addition to info like contacts, emails, pictures etc., more sensitive data such as Passbook entries, which can be used to make payments, was also compromised.
On a positive note, Apple Watch was the only device that had a timed lock-out facility and would even wipe out the data after a predefined number of failed log-in attempts. All of the watches used Bluetooth encryption and TLS over Wi-Fi to secure the data transmission.
So, these wrist gizmos are currently not ideal to store your sensitive or corporate data, but it’s just a matter of time when we’ll have securer devices. In fact, they could become a must have gadget in near future with newer, better devices available and all these security concerns addressed.