The Norwegian Consumer Council (NCC) has discovered security flaws of some GPS smartwatches for kids which make them vulnerable to hackers.
Such devices are becoming more and more popular with parents. Some of them want to encourage their child to be more active so opt for a smartwatch that tracks fitness. Others want to know their children are safe, so opt for a wearable that allows them to stay in touch and tracks their GPS location at all times. Its this latter group which, it seems, is vulnerable to hacking.
The watchdog tested four popular devices including the Gator, Tinitell, Xplora and SeTracker. Its report highlights a myriad of security flaws, privacy concerns and risks stemming from unreliable features. The only device that passed all tests was the Tinitell smartwatch.
“Many of the devices seem to originate from and/or be produced in China, and are imported to different European markets through specialized websites run by startups or enterprising individuals, in addition to traditional retailers,” the report states.
“Distributors in different countries rebranding the devices under different names further complicates the picture.”
The NCC said it was concerned that some of these devices transmitted and stored data without encryption. This means that in a few simple steps, a stranger could track, eavesdrop or communicate with the kids, or even make it appear a child is at a different location. Furthermore, some devices sent personal information to servers in North America, lacked proper terms and conditions and an option for users to delete their accounts.
“Any consumer looking for ways to keep their children safe and secure might want to think twice before purchasing a smartwatch as long as the faults outlined in these reports have not been fixed,” writes the watchdog.
Similar concerns have been raised about kids’ connected toys in the past. NCC has now issued a warning over such devices and is planning a social media campaign to publicise its findings. The manufacturers involved claim that the security flaws had been fixed or are being addressed.
To its delight, Tinitell has come out on top as being the only of the four brands with no serious security vulnerabilities.
“Customers security and integrity is and has always been the first priority at Tinitell,” said the company in a statement.
“Tinitell is fully compliant with all required privacy policies, through a detailed external audit, performed by the Swedish Post and Telecom Authority (PTS)… Tinitell puts the security and privacy of our customers first and foremost, as one of the best and safest way for parents and kids to communicate throughout the day, in a simple and secure manner.”
Check out the video publicizing the NCC findings below. You can read full 24 page report on this link.
Like this article? Subscribe to our monthly newsletter to never miss out!