Security At worst, an everyday smartwatch can be a wrist-tracking device on your wrist – “More confidential things, hardly read on pocket or wrist-like devices like this”

Still more people smash a wristwatch on their wrist. The smartwatch is like a small laptop that can measure heart rate, map the length and route of a running loop using gps, receive emails, text messages and even calls. Some of the information may be personal and make you think about the information security of your smart device.

The smart watch is also on the wrist of the Prime Minister Sanna Marinilla (sd), who wondered whether the messages from the Government Situation Center going to his other official telephone could also be sent to his parliamentary telephone, whose messages would be transmitted to his smartwatch. Reaching the Prime Minister with messages became a topic of conversation when he was not immediately reached for a night out in Helsinki to be told about Korona exposure.

There are security risks in both smartphones and smartphones. Neither of them, according to security experts, is suitable for handling secret or otherwise sensitive information.

“These more confidential things are hardly read or edited with devices like this in your pocket or wrist,” says the Director General of the Cyber ​​Security Center. Sauli Pahlman Finnish Transport and Communications Agency from Traficom.

Pahlman doesn’t even knock out the use of a smartwatch. For example, by sharing a good smartphone and clock, you can configure the settings so that only the so-called notification, ie a notification that a security e-mail has been received, for example, can be received on the clock for things that require greater security.

The same goes for text messages. You can be notified of your arrival on the smartwatch if you wish, but the message itself should traditionally be read on the phone screen.

Nowadays companies and organizations, such as parliament or ministries, have information security guidelines that are followed. Guidelines play a key role in what kind of data is processed by which devices.

The biggest state or company secrets are rarely handled with smart devices at all.

“If the phone and smartwatch settings and security instructions are in order, the biggest secrets will remain out of both devices. Then there is really no significant difference between which devices use it, ”says Pahlman.

“If you think about the confidential information of the state, in practice that mobile phone is already considered to be such a risk that not even very strange secrets will be passed on to the mobile phone.”

According to Pahlman, for example, the Finnish state has four levels of security classification. There are significant differences between levels in the need for data protection, and information on the highest security need or security classification is not transmitted to everyday communications at all.

Security company Senior Research Fellow at F-Secure Jarno Niemelä according to a politician or even the leader of a large and significant company should consider twice in what situations the smartwatch should be used, or whether it should be used at all.

“Who is, where is, what does, how does. These all affect. A person in a high position must have a constant threat analysis in the back of his head, ”says Niemelä.

Niemelä reminds that in addition to the leakage of secret information or messages, the use of smartwatches can also involve other risks for so-called high-profile people.

Many smartphones sort of chat with the watch user’s smartphone over a bluetooth connection. Normally, when turned on, the bluetooth device sends its own ID, as if it were its own personal address, so that a connection to other devices can be established quickly. If Bluetooth is turned off, the connection between the devices will not be as seamless.

Bluetooth is a popular connection because it consumes less power than a Wi-Fi network connection. With better smart watches, you can usually choose the connection method.

A device with Bluetooth technology can be identified by its ID. Based on the signal information, it may be possible to trace the person holding the watch on their wrist.

According to Niemelä, at its worst, a smart watch could act as a tracking device.

“Once you can see that person is there and now you can see that watch id, then you can track it wherever it goes. Through Wi-Fi, the situation is pretty much the same, ”says Niemelä.

According to Niemelä, for example, the vice president of the United States Kamala Harris therefore does not use any Bluetooth-enabled headset at all.

For the ordinary for the street walker, a smart watch is useful at best. Some watches can measure your heart rate more accurately, for example, which in some cases may be of real use when the watch’s sensor technology detects that everything is not right.

According to Pahlman of the Center for Cyber ​​Security, today you can be quite confident that, for example, health information will only remain known to the owner of the watch.

“It’s then up to the person to see how personal these are. But there have been few data leaks. Location data may be the more sensitive of these, but rarely does it go anywhere in a very secret place, ”says Pahlman.

Sharing jogging information can also be a hassle in some cases. A few years ago there was a small uproar when exercised by fitness enthusiasts Strava application log data inadvertently revealed military bases in Syria and Afghanistan. The soldiers had run into the bases using the app, which used GPS and location data to draw the boundaries of the bases on the public map of Strava.

“If you run such a square loop and, according to the map, on an empty field, then one plus one will count down pretty quickly, that there is probably something here,” says F-Secure’s Niemelä.

In security what is essential is the protection of the device, whatever the device. According to experts, it would be important to protect the device well, for example with a pin code. If the smartphone or phone is lost, an unknown person will not be able to access the information on the device directly without knowing the pin code.

In addition, the security of a smart device is affected by how it is used.

“Even a good watch’s security level can be ruined by one bad program,” concludes Niemelä.

If you install other programs on your smartwatch than the ones that come with the watch, you should check the terms of use to see what kind of information the program collects. In addition, it would be a good idea to find out where the information is stored. Even if the program itself is secure, it can store information on a server that is leaking.

“A smartphone is in greater danger in the sense that more things need to be done and more software installed. In that sense, a smartphone is a higher risk, ”says Niemelä.

In addition to selecting application programs, updating your device is important. For example, updates to smartphones have often also addressed potential security vulnerabilities.

If you are interested in the security of your own data, you should avoid the cheapest products with smart watch stores. They rarely pay special attention to software security or software upgradeability.

“As usual, the more you pay, the better you get,” says Niemelä.