Subscribe for our latest security news and tips and get your 15% discount!
Fitness trackers are quickly becoming a common wrist accessory to monitor health and physical activity. But who else can see the data that is collected by the device?
You may ask, who cares about how much calories have I burnt during my morning workout? Many of us even share fitness tracking results on social networks. However, almost everyone can agree that the more personal the data is, the less we want expose to it.
According to the Gartner forecast, 322.69 million wearables will be sold in 2017. It is almost 829 million items in 3 years, which is about 11% of the world population. That is quite a great deal of personal information from sleep patterns to heart rate, which anyone can access.
Insecure Bluetooth pairing
The wristbands are typically synced with smartphones via a Bluetooth Low Energy (BLE). However, this convenience doesn't ensure privacy, meaning that anybody can watch your activities. This allows a criminal to identify the owner of the device and manipulate personal data. Many people can be interested in the location information, including burglars and stalkers who can break into a house knowing the owner's whereabouts.
The researches at Open Effect have found that security of our fitness trackers is a lot weaker than we think. Following their discovery, they found that many trackers contain the same common flaw, which could theoretically allow the attackers to follow you or intercept your data.
Their research also found that companion apps for devices by Jawbone, Withings, Garmin, and Xiaomi contain security holes that could potentially expose your data, but at the same time let the attackers fake the data too, meaning that they could change information in the app. However, the good news is that in their research they also found devices from Apple, Fitbit, and Mio to be relatively secure.
How to secure your fitness tracker
Regardless of the fitness wearable, MacKeeper security experts recommend taking some basic security measures that will prevent the risk of compromising your self-tracking information:
- Prevent unauthorised access to fitness tracker by using strong password
- Use unique login information between different sites
- Turn off Bluetooth when you don't need it
- Do not provide excessive information to websites and services
- Do not share your location on social networks
- Always timely install app updates
- Use device encryption if possible