The security of wearable fitness trackers could be improved to better protect users’ personal data, a study suggests. Vulnerabilities in the devices – which track heart rate, steps taken and calories burned – could threaten the privacy and security of the data they record, scientists say. Exploiting security weak spots in the communication procedures of some gadgets could allow unauthorised sharing of personal data with third parties. These include online retailers and marketing agencies, the team says.
The findings will be presented at the International Symposium on Research in Attacks (RAID) on 18-20 September. The research was carried out in collaboration with Technische Universitat Darmstadt, Germany, and the University of Padua, Italy. The Edinburgh researchers were part-funded by the Scottish Informatics and Computer Science Alliance.
Dr Paul Patras, of the University of Edinburgh’s School of Informatics, who took part in the study, said: “Our work demonstrates that security and privacy measures implemented in popular wearable devices continue to lag behind the pace of new technology development. We welcome Fitbit’s receptiveness to our findings, their professional attitude towards understanding the vulnerabilities we identified and the timely manner in which they have improved the affected services.”
Such frailties could also be targeted …