We’ve seen a clever smartwatch hack or two, but this is not one of them.
A University of Cophenhagen student found a way to infiltrate smartwatches and trick them into giving up sensitive data like passcodes and personal identification numbers by accessing their motion data and offloading it to a secure server. And if that sounds completely terrifying, that’s because we haven’t told you how it works.
But it has a pretty big hole in its methodology.
Tony Beltramelli is the student, and the thesis outlining his smartwatch hack is called “Deep-Spying: Spying Using Smartwatch and Deep Learning.” In the abstract, Beltramelli lays down some scary doom-talk, summing it all up with, “Our results suggest that the complete technological ecosystem of a user can be compromised when a wearable wristband device is worn.”
Beltramelli created a program that can pull motion data from a Sony Smartwatch 3 and an algorithm that can sift through all of that raw information to pull out the sensitive data. It’s super impressive.
But don’t worry: You don’t have to wrap your Apple Watch in foil just yet to protect against phishing future-magic because Beltramelli’s program has a critical flaw. Namely: How many people wear their smartwatches on their dominant hand, (i.e. the one they’d be using to enter this data)? Awesome, smart programs and algorithms aside, the program simply doesn’t work if the target isn’t using the arm their watch is on.
It’s kind of like if someone could access my hand movements through my Apple Watch to steal this post while I was writing it — all they’d get from that last sentence would be “awessatrgrasadagrtsasdeteacsdestwrfetargetstsgtearterwatcs.” Only it wouldn’t even be a direct parallel because for most people, the smartwatch hack would provide absolutely no relevant data.
It’s still an interesting idea, however, and it’s absolutely a good plan to keep safety and security in mind and understand how your new devices work. But you probably don’t need to worry about anyone stealing your PIN this way.