Wearables: A Pandora’s Box For Security?

As many have noted, we’re entering a new era where wearable gadgets — from watches and fitness bands to glasses and health aids — are at the forefront of the new technological revolution. A PricewaterhouseCooper’s report found that more than 20 percent of U.S. adults already own at least one wearable, and estimates that soon we’ll be using them at home and work for a variety of purposes, with as many as 50 billion new connected devices by 2020.

This new breed of devices, often referred to as the Internet of Things (IoT), will reshape the way we live our lives in ways small and big, offering new practical, convenient (or just entertaining) capabilities that were the stuff of dreams not too long ago. Most of these new functionalities will in large part be fueled by the collection and processing of vast amounts of personal data, so it’s essential that both consumers and manufacturers keep privacy and security front and center when adopting and building these new technologies.

The Double-Edged Sword

Thanks to a few decades of remarkable and relentless engineering progress, miniaturized components are readily available that allow whole new species of powerful mobile and wearable technologies. Not surprisingly, consumers have embraced not only mobile, but wearables, including fitness monitors, smartwatches and a whole host of connected medical devices. Although consumers have some idea of the sorts of data these devices capture — location, for instance — it’s unlikely most have a real grasp of how revealing, comprehensive and risky that information can be.

For example, even a garden variety smartwatch is capable of sensing and recording not only one’s spatial information and location via several technologies (wirelessly via Wi-Fi, Bluetooth and GPS), but also a user’s physical activity — everything from temperature and heart rate to blood oxygen levels and more. On the one hand, access to that sort of comprehensive, intimately personal data is what makes these mobile and wearable devices so capable, so functional and, ultimately, desirable. But it’s also why they are so tantalizing to identity thieves and fraudsters.

The Sky’s The Limit

Thus, the dilemma with mobile and wearable tech presents us with a paradox of sorts: To unlock their incredible potential, we have to give them unfettered access to a lot of our personal data. Because the data collected and stored by the ecosystem required to collect and synthesize this information is so potentially comprehensive, if compromised — via physical theft or infiltration by other means — the risk to your privacy and identity is worrisome.

The data collected and stored on your mobile device can be worth 10 times the value of a credit card on the black market.

My view is that the weakest link is your mobile phone, not the actual wearable device itself. That’s because wearables tend to link to your mobile device over a short-range wireless spectrum known as “Bluetooth” (used to wirelessly send and receive data between your wearable device and your smartphone), and typically only collects a rather small set of data. However, contrast that with your smartphone, where your data is stored and synthesized from numerous sources, which makes that device a prime target for hackers.

To even a novice thief, the potential for abuse is substantial, from simple credit card or identity theft to various forms of fraud. To a seasoned criminal, however, such data could be catastrophic to a victim, leading to high-scale extortion or even physical threat of robbery, stalking or worse. In fact, the data collected and stored on your mobile device can be worth 10 times the value of a credit card on the black market.

Practice Self-Defense

As with any connected device, simple safety measures go a long way to making you less likely to be the victim. That’s why we need to be first line of defense in protecting data by adopting practices to protect our information for both wearables and our mobile devices. When considering mobile and wearable devices, spend a few minutes reading user reviews and look beyond price, so you can eliminate bad options with confidence.

Choose a device that has location and remote-lock capabilities, so the device can be erased should it be lost or stolen. Another key tip is to enable a password to protect your device. Whenever possible, use biometric authentication such as your fingerprint or face recognition — you’ll likely find it easier than using a password while providing even stronger protection.

Keep Perspective

As with any other type of technological shift, there undoubtedly will be FUD (fear, uncertainty and doubt) and sensationalized stories about the risks of wearable tech — it happened with the radio, the telephone, the TV, the microwave, the PC and the Internet, and will certainly happen again with wearables.

The point isn’t that wearable tech is inevitably dangerous or bad. To the contrary, I’m as excited as anyone about the new products emerging on the horizon, and have embraced them to enrich my life. However, the key to widespread adoption of wearables is ensuring security is built in from the beginning instead of being an afterthought.