Fitness trackers are widely popular. It seems like every person who decides to improve their fitness or lose weight buys one of these gadgets dubbed to help you reach your goal easily. It is estimated that about 20 million of these devices have been sold in the first half of 2016, and it’s not surprising, fitness trackers are versatile and promise to deliver different kinds of info that you can use to keep track of your progress. With multiple advertised benefits and immense popularity, it comes as a total shock that fitness trackers can put your security at risk. Keep reading to find out more.
How Do Fitness Trackers Affect Security?
You see your fitness tracker as a device that displays blood pressure, calorie burn, the amount of steps you make, and so on. To use all benefits that fitness trackers have to provide, you usually have to connect them with your smartphone device or a computer. That way, you get detailed insight into the progress you’re making. It all seems harmless, but not so fast. According to Ahmad-Reza Sadeghi of the Technische Universität Darmstadt, the data collected by fitness trackers aren’t only used for their original purposes; they are increasingly used by third parties as well.
Sadeghi and his team collaborated with the University of Padua, Italy to examine whether these devices jeopardize wearers’ security. They analyzed 17 fitness trackers made by famous brands such as Xiaomi, Garmin, and Jawbone as well as gadgets made by less known manufacturers. For the purpose of the study, scientists focused on the manipulation of the gathered data on their way to the cloud server by the “man in the middle” attack. They wanted to investigate the security and safety of communication protocols used by fitness trackers.
After a thorough examination, the research team discovered shocking results. Even though all cloud-based tracking systems do use HTTPS and other encrypted protocols to transfer data, the scientists succeeded to falsify information in all gadgets they included into the study. In fact, only devices made by four manufacturers took minor measures to protect the data integrity. That said, these measures were so weak and poses as no obstacle for a motivated attacker. The study author revealed that scammers could easily manipulate the data from your fitness tracker with very little IT knowledge meaning, a person doesn’t have to be a well-skilled hacker to manipulate information on your device.
Researchers also discovered that five manufacturers, whose gadgets were included into the study, didn’t provide a possibility to sync up fitness data with online services. They store the gathered data in plain-text. More precisely, the stored data is unencrypted and visible to everyone, thus increasing the risk of a security breach and unauthorized data leak in case a virus infects someone’s smartphone or it’s stolen.
Access to the data by nosey and curious attackers isn’t the only issue with security of these devices. Data gathered by fitness trackers have been used in court trials. The Forbes reported that a legal firm from Calgary, Canada was working on the first known personal injury case which included activity data from popular FitBit to help show the effects of an accident on their client, back in 2014.
The NY Daily News alleges that police have started to use fitness trackers from companies such as FitBit, Garmin, and Jawbone in courtroom as part of the evidence. For example, they used information from Lancaster, PA woman’s FitBit to prove she lied about being sexually assaulted. Attorneys and police have started considering fitness trackers as human “black boxes.”
The popularity of these gadgets and easy access to the data also led a number of health insurance companies to offer discounts if the insured individuals provide personal data from devices they’re using.
Sadeghi explains that inadequate security associated with fitness trackers could attract scammers who would manipulate the tracked data to gain financial benefits or influence a court trial fraudulently.
The Fitness Tracker Hinders Your Weight Loss
People usually buy a fitness tracker because they want to lose weight which is why a team of scientists at the University of Pittsburgh decided to examine its effect on weight loss. Results, published in the JAMA, were quite surprising. They showed that among young adults with BMI between 25 and 40, the addition of a wearable technology device resulted in less weight loss compared to standard behavioral intervention. Scientists concluded the study explaining that devices that monitor physical activity and provide feedback don’t offer an advantage over conventional approaches to weight loss.
Although fitness trackers are trusted by millions of users, the latest research showed they aren’t that trustable at all. Gaining access to data collected by these devices is easy, and it can be done without vast IT knowledge. Since health insurance companies start to use data from fitness trackers as well as police and attorneys, this leaves space for people to manipulate the data. It’s also needless to mention that any motivated attacker can access data your fitness tracker collected.