There are few areas of technology, if any at all, that are growing faster than wearables. Market research from Canalys last month revealed that the market for wearable fitness bands – one of the main applications of wearable tech today – grew by a staggering 684% in the first half of 2014 compared with the first half of 2013. And you only need to watch your #IFA2014 twitter feed to see the number of announcements that are coming that relate to wearable tech. But the wearable boom also brings with it a new set of security worries the industry needs to address.
A report last month found that a Raspberry Pi could easily be programmed to track and intercept data from people passing by who were wearing gadgets to monitor their health. When you extrapolate this to other areas of wearable technology, from smartwatches and NFC rings to any number of new devices, the possibilities are sobering. A malicious attack could in theory reveal not just where you are, but your regular daily movements, how you feel, and even how and when to get into your house.
In the rush to get on board with the wearable revolution, it’s really important that manufacturers and developers don’t only consider security as an afterthought. These devices and services need to be secure by design. In addition to the devices themselves, the cloud infrastructure that stores all the data must also be tightly secured. Of course, not everything needs securing to the maximum degree, but the first step must be to do a risk evaluation, working out ways in which people can exploit a product or service; and malicious users and hackers can be extremely creative to this end. Being aware of what could potentially be at risk is vital.
Existing web services like online banking have thrived because people know the lengths to which their banks will go to keep their identities secure in an environment where hacks and cyber exploits are reported daily. Security holes in the wearable market could, if exploited at scale, undermine the industry and throttle its growth.
It’s something that’s been on our agenda for some time. Our acquisition of SafeNet and our continued efforts to develop ever more sophisticated embedded Secure Elements (eSE) in multiple form factors are developments that can stop wearable data getting into the wrong hands. But we are just at the start of the wearable era and there’s a still lot to do. The industry needs to collaborate and co-operate on this so we can reap the benefits, but not expose ourselves to data theft.