Smartwatch security still not up to scratch

Manufacturers choosing convenience over safety

Smartwatch manufacturers have been accused of choosing convenience over security after a damning report laid bare the current situation.

Trend Micro and First Base Technologies tested all six of the "big brand smartwatches" on the market and found that overall physical device protection on all devices was poor, with no authentication via passwords or other means turned on by default.

"Across all of the smartwatches that were tested, it is clear that manufacturers have opted for convenience at the expense of security," Bharat Mistry, Cyber Security Consultant at Trend Micro commented. "On the surface, a lack of authentication features can make devices appear easier to operate, but the risk of having personal and corporate data compromised is much too big of an issue to forget about."

The Motorola 360, LG G Watch, Sony Smartwatch, Samsung Gear Live, Asus Zen Watch, Pebble and Apple Watch are among those that were tested and the latter was the only one that had a timeout function.

The Apple Watch also had the largest amount of sensitive data stored locally on the device, however, it is also the only one that has a complete wipe option following a number of failed login attempts.

User authentication not good enough

Google's Android Wear OS, meanwhile, got a poor write up when it came to its trusted devices feature as it could allow anyone with a smartphone and smartwatch to have unrestricted access to both.

It's not the only time that a study has been scathing of smartwatch security. A separate report from HP's Fortify division looked at 10 different wearables and again reported big frailties when it comes to user authentication and various other security issues.