May 9, 2017


The increasingly connected world brings new conveniences that greatly benefit our everyday lives. No new connected device seems more ubiquitous than wearable devices – nearly 33 million were in use in the U.S. in 2015 by an estimated 20 million people. Smartwatches like Pebble and Apple watch allow us to access the internet with a flick of a wrist. Wearable health tech like the Fitbit and the gadget-class favorite Jawbone help improve the livelihoods of millions.

As much as wearables bring value to our lives, they also create a new opportunity for criminals to extract personally identifiable information. Like many other new technologies, security vulnerabilities in wearables are being exposed and potentially exploited.

The more information that’s collected, the easier it is to identify account numbers and passwords as well as medical ID numbers and tax return data. Better understanding the individual’s routines and habits ensures that criminal activity will go unnoticed for longer periods of time.

But some wearable data can provide quicker wins for identity thieves:

Most wearable devices use an accelerometer and gyroscope to track forward motion and directional orientation. Some even contain an altimeter to measure altitude for hikers and climbers. All of this data is crunched into code that orients the user’s specific location and tracks their activity – sometimes down to a few inches. Shockingly, new research found that ATM PIN codes could be discerned from the data in wearables’ sensors with 80% accuracy on one try and 90% accuracy after three tries.

A flash survey conducted by corporate identity management firm Centrify exposed some worrying trends:

  • 69% of wearable device owners don’t utilize login credentials such as passwords, fingerprint scans, or voice recognition to access their device, and
  • 56% of wearable owners use their device to access corporate applications such as Outlook, Dropbox, and Salesforce.
  • While the sample size was small, the survey was conducted at the RSA Conference, one of the world’s largest gatherings of information security professionals. If those on the frontline of data security leave their personal and corporate data at risk, it’s easy to imagine that the population at large may be even less cautious – jeopardizing their identities and your corporate data security.

Staying Secure With Wearable Devices

While wearables (and all technology, for that matter) are never 100% secure, there are a number of tactics that can be undertaken to minimize the risk of data theft:

  • Opt-out of automatic data transmission that will continually upload information via Wi-Fi or other networks.
  • When using a Wi-Fi, stick to known and/or secure networks.
  • Enable passwords and change them regularly. If available, use two-step authentication.
  • Physically secure the device if it’s not in use. Particularly, when traveling, utilize hotel safes.
  • Take time to learn how to remotely erase data so that the device can be “cleaned” if it’s lost or stolen.
  • Make sure to regularly update the operating system in order to patch known security gaps.

Looking for ways to minimize your risk of identity theft? Maintain a peace of mind while using your wearable device by enrolling in Optima’s ID Protection Plan at optimatax.idprotectiononline.com.