June 23, 2015
Representing the first big wave of wearable technologies, fitness trackers usually are categorized as a wristband or app that helps monitor a user’s daily activity routine and health information – including heart rate, calorie consumption, sleep patterns and cycles and more. According to the Consumer Electronics Association, one in 10 Americans now owns a fitness activity tracker.
However, as the wearable technology market continues to grow and expand its offerings, these early adopters and millions of new users may not fully understand the need to protect the personal information housed inside these devices.
As consumers integrate wearables into everyday life, improvements can be seen in multiple areas of one’s daily routine, including personal healthcare. For example, insurance firm John Hancock Life Insurance now offers fitness wearables to its customers in exchange for personal fitness routine and health information. As activity goals are reached, data from each wearable is then transmitted from the customer back to the insurance company, rewarding him or her with insurance rebates and incentives. This simple exchange of information for rewards is useful, and the more useful the data is, the more valuable it becomes.
The need or desire for users to always be connected means that these smart devices are significantly expanding the field of available personal information, increasing the potential for hackers to attack and escalating the challenges for individuals and organizations to keep data secure. Knowing, for example, that a fitness wearable user is diabetic, has high blood pressure or has high cholesterol is information that hackers may want to obtain. Medical identity theft, extracting and selling specific consumer personal data for use on the black market, is a lucrative opportunity for criminals.
Personal data stored on fitness and health tracker wearables may pose financial risks as well. Updating one’s personal fitness routine through a wearable could give a hacker a clear picture of the best possible times to burglarize a home or car. As the Internet of Things grows, hackers could compile information from various connected sources, such as a smart phone, fitness tracker and car – allowing them to gain a more complete picture about a user’s behavior patterns than if they were looking at personal data from just one device, system or application.
Given the current wearables industry growth projections, manufacturers and Internet service providers must secure the infrastructure used to support this exponential traffic and device growth. Developers need to provide users with added security features, such as cloud-based threat analysis and advanced malware protection, to alert users to potential vulnerabilities and data encryption to secure all information stored on the fitness wearable.
Lastly, with personal consumer data potentially at stake, fitness wearable manufacturers should incorporate default privacy and security standards into the infrastructure of the device, to help ensure personal information remains safeguarded from future hacking threats. Further, UL has developed testing for cybersecurity threats and offers security verification processes to assist manufacturers in assessing security risks and helping mitigate them before the product even goes to market. If the industry takes these steps, wearable users will feel safe and secure as they reap the intended benefits of this new innovation, while the wearables industry will be well positioned to meet the promise of its growth projections.