How wearable device manufacturers can ensure end-to-end security

Wearable technology is one of the fastest-growing segments of the consumer internet of things (IoT) market, projected to grow from $240.94bn in 2023 to $555.92bn by 2030.

From smartwatches and fitness trackers to health monitors and biometric sensors, wearable devices offer a range of consumer benefits, such as convenience, personalisation, and enhanced functionality. However, they also pose significant cybersecurity risks, which could compromise the privacy and safety of users and their data.

One of the main challenges of securing wearable devices is that they are often connected to other devices, weaving a complex network with endless entry points for cybercriminals. Additionally, the data that wearables devices collect, and store can be very sensitive.

Biometric data can be used to spoof and breach accounts, GPS data to track and spy, and financial information to commit theft and fraud.

Mitigating attacks with biometrics

Biometrics can add a much-needed layer of security to the traditional access and authentication mainstream technologies. Beyond usernames, passwords, and PIN codes, biometrics in wearables have a unique potential. Equipped with sensors, wearables can capture and store voice, fingerprints, face ID, and even heartbeats and behaviour characteristics.

Personal data collected by wearable devices can be used to authenticate the user of a wearable device and prevent unauthorised access or tampering. Wearables tend to have more intimate and close access to personal biometric data.

For example, wearable biometric security can analyse pitch, tone, accent and voice behaviours in voice recognition. Artificial intelligence (AI) algorithms can detect if the voice is being impersonated, clean up background noise, and identify honest changes in the user’s voice, such as those caused by an illness.

Another feature that wearables offer is heart monitoring sensors. Heart rate biometrics are extremely difficult to spoof by bad actors. Similarly, using accelerometers or gyroscope sensors, wearables can recognise, for example, a user’s walking pattern and style.

The most robust biometrics technology to date involves fingerprints. Fingerprint biometrics are standardised and reliable, and the sensors used for this tech are easy to implement.

Additionally, smartphone manufactures are highly experienced with fingerprint ID hardware and software, making integration for developers seamless. Fingerprint biometrics can be embedded into anything, from a simple ID card with production costs in single-digit dollars to keyrings and USB thumb drives to under-screen sensors for rugged smartwatches.

Biometric challenges

Biometrics in wearables can increase security and enhance user convenience – eliminating the need for passwords or PINs. It provides seamless access, increasing user trust, deterring criminals, and improving personalisation. But biometrics does not come without challenges.

Companies and software developers offering biometric security for wearables must consider privacy risks when deploying their products.

Biometric data must be stored responsibly to prevent revealing or sharing with third parties data such as the user’s identity, health, location and activities. The way a company collects, stores, transmits and processes biometric data is fundamental. The entire lifecycle of data must be secure and ethical and always respect the user’s consent and control.

Furthermore, developers must understand that biometrics alone is not as strong as when combined with other security technologies. They must integrate biometrics with encryption, liveness detection, or multi-factor authentication for effective results.

Finally, companies must gain insight on how the AI or machine learning models that are at the core of biometrics technology work. This must be so when outsourcing or developing in-house biometric technologies.

Biometric AI algorithms are trained with datasets to ensure accuracy and operational efficiency. But suppose a FaceID biometric tech is trained with a biased database – containing mostly white male faces – it will most likely not be capable of recognising diverse populations. The bias of gender, race or disability can have ethical implications leading to discrimination which impacts users.

Fortunately, there are ways to measure bias.

The National Institute of Standards and Technology (NIST) in the US actively monitors bias, and provides reports that include detailed accuracy for all kinds of demographic details for every enrolled algorithm.

Biometrics can secure wearables from cyberattacks by providing a reliable and convenient way of authenticating the user of a wearable device. However, biometrics also require careful consideration of privacy, security, and diversity issues to ensure their effectiveness and acceptability for wearable users.

The bottom line

To mitigate these cyberthreats, wearable device manufacturers and vendors must adopt a proactive and comprehensive approach to security covering the entire product lifecycle, from design and development to deployment and maintenance.

By following best practices and standards, those working in the IoT space can enhance the security of their products and services while also delivering value and innovation to their customers.

Ján Lunter is the CEO at Innovatrics

Read: Fitbit launches three new wearable devices

Also read: Apple unveils Vision headset in search of post-iPhone future