Wearable tech has had a mixed security record - who can forget the revelation that Fitbit users were broadcasting their sexual activity to the world after a misguided attempt to help users share?
The issue was - naturally - hastily patched, and a new generation of wearable tech brands hope that wearables can actually improve security, by offering built-in biometrics or working as two-factor (or even three-factor) authentication devices.
So far, the appeal of wearable tech has largely been to fitness fiends (even the humble Pebble Steel smartwatch ships with a full suite of fitness apps), and to workaholics keen to offload some of their Inbox onto their wrist.
But the makers of the hit Misfit fitness watch are now turning their attention to improving security with their next gadget - as are a host of new KickStarter projects and even Google-endorsed wearables.
Below are some of the more interesting ideas in wearable tech security.
Wearable tech: The ‘key to everything’?
The Shine fitness tracker has been one of the quiet hits in wearable tech, with a low price, long-lasting battery and fitness-oriented app offering a simplicity that works well on the wrist.
Its’ makers, Pearl, are to pair up with Neptune Computers - maker of a ‘watch phone’ to create a new piece of wearable tech, built to be an authenticator device, according to Neptune’s 20-year-old CEO, Simon Tian to be “a key to everything in your life”.
Neptune’s Pine is one of the few “smartwatch” devices which did not rely on pairing with a separate smartphone - it has its own aerial built in, and runs a version of Android 4.1.
Details on the authenticator watch - and how it will work - have been sketchy since the partnership was announced in March.
Better security than your smartphone?
Despite repeated rumors, mainstream smartphones haven’t made the next leap in biometric security yet - and switched to iris scans.
An Indiegogo-funded smartwatch, Fidelys, aims to change that with an ultra-secure infrared iris-scanning camera - putting the fingerprint swipe pads of phones such as iPhone 6 and Samsung’s Galaxy S5 in the shade.
The probability of two individuals having the same iris is one in two trillion, the makers of Fidelys say. Iris scans are less likely to offer “false postiives” than fingerprint scans - and the makers of Fidelys say that people are more likely to accept them, as unlike fingerprint scans, they’re not associated with law enforcement.
Fidelys’s Jung woon Ryu says,“I came to realize that smartwatches are an ideal form factor for iris recognition, because we always look into our watches. In the modern world, there are always data breaches, but all we’ve done is create longer passwords. Fidelys has a single sign-on application, so once you’ve set it your password for each website you don’t have to bother with passwords again. You log in with your iris.”
The smartwatch’s infrared scanner scans irises within two seconds, using iris-scanner technology developed by InTech and used by companies such as Lockheed Martin.
The beating heart of security
The often-delayed Bionym Nymi wristband offers an entirely different - and, its makers promise, ultra-secure - take on biometrics, with the wristband measuring the ECG signature of its wearers heart in place of PC and other passwords.
The wristband has just received $14 million in Series A funding, and looks set to - finally - arrive on shelves in the near-ish future.
The Nymi has an embedded ECG (electrocardiogram) sensor, which recognises the unique pattern of its user’s heartbeat, and communicates with devices, “completely bypassing passwords and PINS,” its creators claim.
It was actually observed over 40 years ago that ECGs had unique characteristics,” Bionym chief executive Martin said in an interview with TechHive.
“The modern research into practical systems goes back about 10 years or so. What we do is ultimately look for the unique features in the shape of the wave that will also be permanent over time. The big breakthrough was a set of signal-processing and machine-learning algorithms that find those features reliably and to turn them into a biometric template.”
“The Nymi functions as a three-factor security system,” its makers claim. “It requires your personalized Nymi, your unique heartbeat, and a smartphone or device that has been registered to the app. This system allows for complete security without compromising convenience.”
Android Lollipop
Google’s push to make Android Wear watches an essential continues with the imminent Android Lollipop - the biggest overhaul yet for its mobile operating system.
The update will do away with passwords – at least for dedicated Google fans, with Google devices like Android Wear watches used to authenticate users instead of PIN codes or passwords in the new update, according to a report by PC World.
Sundar Pichoi, Google’s senior vice president in charge of both Chrome and Android revealed at Google’s I/O conference this year that Google’s Chromebooks – the company’s laptop operating system – could also be unlocked if a user’s Android L phone was present.
David Burke, Android’s Director of Engineering, said that phones could be unlocked using, “signals like locations you’ve designated, Bluetooth devices, or even your unique voice print,” according to Best Techie’s report.
Android Police commented that, “It can tether to your Android Wear device or remember your home WiFi. It will be faster to get at your content much of the time without sacrificing much in the way of security.”
Users will designate a single device to unlock each Android L phone or tablet. When a user is present, the device will signal the Android phone or tablet to say so, and the device can be unlocked without a passcode or password.
