Your Smartwatch Could Be your Biggest Security Threat

Your Smartwatch Could Be Your Biggest Security Threat

  • By Sydny Shepard
  • Jan 15, 2016

Smartwatches are marketed as tools of convenience for improving everyday activities like shopping and fitness. The wristband technology allows the watch to record your daily movements, monitor your heart beat and can even recognize when you lift your arm to look at the time.

A student at the University of Copenhagen, Denmark has discovered another use for the wearable tech: stealing ATM pin codes and passwords from unsuspecting users.

In Troy Beltrameli’s thesis, titled “Deep-Spying: Spying Using Smartwatch and Deep Learning,” shows a hole in security that’s as clever as it is frightening. The student was able to create an app to capitalize on this gap.

Beltramelli built an app that records the movement data of the Sony Smartwatch 3 and then was able to sift through the data with an algorithm to find important inputs, gaining the ability to unlock a pin-protected phone or use an ATM’s keypad.

This ingenious hack does, however, have its limitations. Users can protect their ATM pin code by pressing it in with the hand that is not wearing the smartwatch. Also, the data needs to be collected by someone in close proximity to the smartwatch. For the student’s test, the data was transferred to a nearby Bluetooth device and then moved onto a server.

The last, and the most important, limitation is that the user has to willingly install the app that records this movement data. This is somewhat easy to overcome by burying such a function in an otherwise legitimate-looking  app.

Despite these limitations, this hack raises the question of how safe these smartwatches are. Recording movement data from the accelerometer and gyroscope is an invasion of privacy beyond the normal cybersecurity risks that people are used to.

The most troubling part about this is if a student could find this cyber security flaw, other less-wholesome types are probably making similar breakthroughs and aren’t publishing their findings in their thesis.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

  • Improve Incident Response With Intelligent Cloud Video Surveillance

    Video surveillance is a vital part of business security, helping institutions protect against everyday threats for increased employee, customer, and student safety. However, many outdated surveillance solutions lack the ability to offer immediate insights into critical incidents. This slows down investigations and limits how effectively teams can respond to situations, creating greater risks for the organization. Read Now

Most   Popular

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.