Fitness trackers have become popular because it can track our health instantly, giving the wearer an idea about their health. However, recent news report claim that the wearer’s security is at risk since the privacy is being shared over to the network without it being encrypted. This means that the data of the wearer is being shared to the whole world, making it possible for bad guys to get a hold of your data and use it to expose your health.
A few cyber researchers from the University of Toronto examined eight popular wrist-worn trackers, which they tested for communication with some known mobile apps. They found out that it could store a user data in the manufacturers’ computer servers.
According to the research, some of the models might be giving some feedback to hackers even if the devices are not turned on.
“Fitness trackers are a fairly new technology and we don’t have many regulations right now,” said lead researcher Andrew Hilts, who is also the executive director of Open Effect and a research fellow at Citizen Lab at the U of T’s Munk School of Global Affairs.
“We found cases where your data is being sent and you might not be aware, and there’s no apparent reason why it’s being sent,” Hilts told CBC News.
The study was based on some popular models created by Garmin, Fitbit, Jawbone, Mio, Withings, Xiaomi, Basis and Apple.
All of the devices from these companies are using Bluetooth technology, which emits a signal and a unique ID that can be detected even if the tracker is not paired with a mobile phone. Hilts noted that the wearer’s data is not secured since it can be easily tracked based on their location.
Hilts demonstrated this by accompanying CBC News to Yorkdale Shopping Centre in suburban Toronto, where he used his own mobile phone to scan for Bluetooth signals. There, he proves his point as he is able to detect lots of devices, which includes a Garmin Vivoactive Smartwatch worn by squash enthusiast Mike Maiola.
“That can be a bit invasive,” Maiola said when he found out the problem when CBC News showed him that his wristwatch fitness tracker was detected despite the fact that he wasn’t using it for a workout.