- Category: Tech & Science
- Published Tuesday, February 2, 2016
- CTV News
Wearable fitness trackers are becoming increasingly popular, as users turn to these devices to help them monitor indicators of their health and physical activity.
Fitness trackers including Fitbit and the Apple Watch are surging in popularity, and are proving to be popular gifts.
On Christmas Day, Fitbit's app was the most downloaded on Apple's app store, suggesting that the fitness trackers were a hot seller during the holiday season.
For those who aren't familiar with them, wearable fitness trackers are devices that can be attached to an individual, and will collect information about the user's physical activity levels.
Commonly collected data include total steps taken, total stairs climbed, total hours of sleep and total calories burned in a day.
This data is often uploaded to a user's personal account, typically registered with their personal email, where they can check their progress over time. Many wearables also allow users to connect with others, to compare and share their progress.
While these devices can help individuals keep track of their activity levels and stay motivated to reach their fitness goals, people should take steps to make sure this information is secure, says Eset Senior Security Researcher Stephen Cobb.
Cobb says that people who use fitness trackers should remember the kinds of often very personal information they're uploading to their accounts.
He pointed to a major security breach last year, when toy-maker VTech, which makes smart watches for children, discovered that the personal information from approximately five million customer accounts related to kids' profiles had been compromised.
"You might say, 'What does it matter if somebody gets my personal information?'" Cobb told CTVNews.ca. "There are two things to worry about, really: One, it's just not really nice if a stranger, potentially a criminal stranger, gets your personal information, and two, there may be attempts to use that information in some sort of scam or scheme."
He suggests people who wear fitness trackers consider taking the following steps to increase the security of their personal information they're uploading to their registered accounts:
1. Give your device a name that is not recognizable, or easily traceable to you. So, for example, don't call your fitness tracker "John Clark's Fitness Tracker." Instead, create a user name for your device which is hard for somebody to track back to you, Cobb said.
2. When creating an online account to store your personal data, use a unique, strong password that is difficult for anyone to guess. Cobb said this is especially important for people who have accounts with multiple services online, and who use the same email and password for each one. People who do this face extra security risks, because if there is a security breach at one company, hackers potentially have access to all of your other accounts, he said.
3. When accepting friends to follow through your fitness tracker, be aware of exactly what information you're sharing and with whom you are sharing it. "The social aspect of fitness trackers is very interesting, and has the potential to improve the value you get from the tracker," Cobb said. "But just like social networking, you want to be very careful who you accept as friends… don't accept people unless you're absolutely sure who they are, and you're clear on what you're sharing."
5. Keep an eye on the news about these devices. This is especially important, as fitness trackers are relatively new, Cobb said. As they increase in popularity, the risk associated with them may change, he said.
In an email to CTVNews.ca, Fitbit said it has always been committed to protecting consumer privacy and keeping data safe.
"Fitbit has committed to never share users' personal information with others unless the user directs us to," the email said.
The company says it uses "privacy by design" principles, to ensure that transparency, consumer choice and security are prioritized in the design of all Fitbit products. It notes that Fitbit users are in full control of when, or if, they share any of their data, and that these sharing settings are set to private as a default.
"It is the user's choice to share their data," the company said.
In addition to using a unique password for every online account, Fitbit also recommends users take steps to keep their computers free from malware. More information on Fitbit security can be found on its website.
Apple did not reply to CTVNews.ca's request for comment.