A new report found that most of the popular fitness
trackers do a bit more than just count the number of steps the user has taken. They
let others in on your progress as well.
In the early draft of Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security,
the Canadian nonprofit Open Effect said that all the devices it studied
transmitted a unique Bluetooth identifier that can be tracked by beacons that many
retailers are using to recognize their customers. Only the Apple Watch had a
technique to block the beacons, according to a report in PC World.
The bands can be tracked even if they’re not paired
with a smartphone, according to the researchers. Companion apps for the wearables
also leak login credentials, allowing users to submit fake tracking
information.
“In
the course of our technical investigations into transmission security, data
integrity, and Bluetooth privacy, we discovered several issues that confirm
concerns about the potential uses of fitness-tracking data beyond the typical
case of a user monitoring their own personal wellness,” wrote the authors of
the report. “The fitness data generated by several wearable devices can be
falsified by motivated parties, calling into question the degree to which this
data should be relied up for insurance or legal purposes.”
