Your Smartwatch Could Be your Biggest Security Threat

Your Smartwatch Could Be Your Biggest Security Threat

  • By Sydny Shepard
  • Jan 15, 2016

Smartwatches are marketed as tools of convenience for improving everyday activities like shopping and fitness. The wristband technology allows the watch to record your daily movements, monitor your heart beat and can even recognize when you lift your arm to look at the time.

A student at the University of Copenhagen, Denmark has discovered another use for the wearable tech: stealing ATM pin codes and passwords from unsuspecting users.

In Troy Beltrameli’s thesis, titled “Deep-Spying: Spying Using Smartwatch and Deep Learning,” shows a hole in security that’s as clever as it is frightening. The student was able to create an app to capitalize on this gap.

Beltramelli built an app that records the movement data of the Sony Smartwatch 3 and then was able to sift through the data with an algorithm to find important inputs, gaining the ability to unlock a pin-protected phone or use an ATM’s keypad.

This ingenious hack does, however, have its limitations. Users can protect their ATM pin code by pressing it in with the hand that is not wearing the smartwatch. Also, the data needs to be collected by someone in close proximity to the smartwatch. For the student’s test, the data was transferred to a nearby Bluetooth device and then moved onto a server.

The last, and the most important, limitation is that the user has to willingly install the app that records this movement data. This is somewhat easy to overcome by burying such a function in an otherwise legitimate-looking  app.

Despite these limitations, this hack raises the question of how safe these smartwatches are. Recording movement data from the accelerometer and gyroscope is an invasion of privacy beyond the normal cybersecurity risks that people are used to.

The most troubling part about this is if a student could find this cyber security flaw, other less-wholesome types are probably making similar breakthroughs and aren’t publishing their findings in their thesis.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Windsor Port Authority Strengthens U.S.-Canada Border Waterway Safety, Security

    Windsor Port Authority, one of just 17 national ports created by the 1999 Canada Marine Act, has enhanced waterway safety and security across its jurisdiction on the U.S.-Canada border with state-of-the-art cameras from Axis Communications. These cameras, combined with radar solutions from Accipiter Radar Technologies Inc., provide the port with the visibility needed to prevent collisions, better detect illegal activity, and save lives along the river. Read Now

  • Survey: 84 Percent of Healthcare Organizations Spotted Cyberattack in Last 12 Months

    Netwrix, a vendor specializing in cybersecurity solutions focused on data and identity threats, surveyed 1,309 IT and security professionals globally and recently released findings for the healthcare sector based on the data collected. It reveals that 84% of organizations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Read Now

  • Keynote Speakers Announced for ISC West 2025

    ISC West, hosted in collaboration with premier sponsor the Security Industry Association (SIA), unveiled its 2025 Keynote Series. Featuring a powerhouse lineup of experts in cybersecurity, retail security, and leadership, each keynote will offer invaluable insights into the challenges and opportunities transforming the field of security. Read Now

    • Industry Events
    • ISC West

  • Study: Video Doorbells Have a 71% Service Attach Rate

    Parks Associates recently announced a new white paper, Consumer IoT Product Development: Managing Costs, Optimizing Revenues, which provides companies with a business-planning blueprint to evaluate how a consumer IoT solution will perform across its lifetime. Subscription services, such as video storage and professional monitoring, can be critical for covering ongoing cloud and support costs Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3