Independent IT security testing authority AV-Test.org has chosen nine fitness trackers and given them the once over, checking how secure they are. An odd thing to be checking one might think, but recent studies have shown vulnerabilities in a lot of the products on the market, with many open to penetration without the owner even knowing.
Weaknesses in the authentication process have been a growing concern in the market as the products become more sophisticated with new features and ideas being tried out all the time. As is often the case, more complex devices are harder to keep secure.
Some of the findings were alarming – the PIN required by one product tested was apparently so simple that testers have contacted the manufacturer with recommendations to change it. Other products failed to properly authenticate the legitimacy of the smartphone app that was connecting with it. The fact that these fitness products willingly hand over all their data as soon as the connection is made is very worrisome considering the growing list of applications people are bringing to this kind of technology.
For the full findings, see AV-Test’s report here