Is a stranger hacking your child’s smart watch?

Smart watches sold to allow parents to keep track of their children and contact them in an emergency could be putting youngsters at risk.

Consumer experts have revealed that strangers can access the watches, which parents use to call youngsters, to spy on children.

As a result, the hi-tech devices, which can cost anything from £18 to £100, could be putting children in danger, rather than making them safer.

Smart watches sold to allow parents to keep track of their children and contact them in an emergency could be putting youngsters at risk (stock image)

Now consumer experts in Britain and Europe are calling for a ban on the watches until the security flaws have been fixed.

Alarming security loopholes mean the watches, which include GPS tracking and a mobile phone SIM card, can be accessed remotely.

As a result, strangers can track where a child is and see information on all of their past movements.

On some devices, it is possible to listen in to what a child is doing by sending a hidden text to the watch.

Hackers can intercept and change the geographical location of the watch in what is known as ‘location spoofing’.

This means that a child can appear to be in one spot when they are actually somewhere else.

Some have an SOS button that a child pushes to make a call to their parent in an emergency. However, this can be remotely disabled and even programmed to call someone else.

Consumer experts have also found that the storage of data collected on the watches can be insecure. As a result, it is possible to get information on the movements of other watch users via user apps and linked websites.

The problems have been found by consumer experts in Norway and endorsed by experts at Which? in this country.

The managing director of home products and services at Which?, Alex Neill, said: ‘Though these products are marketed at making children safer, parents will be shocked if they actually put them at risk because of shoddy security.

‘While there is no denying the huge benefits smart gadgets can bring to our daily lives, safety and security should be the absolute priority. If that can’t be guaranteed, then the products should not be sold.’

Finn Myrstad, (correct) the director of digital policy at the Norwegian Consumer Council (NCC), said: ‘It’s very serious when products that claim to make children safer instead put them at risk because of poor security and features that do not work properly.

Consumer experts have revealed that strangers can access the watches, which parents use to call youngsters, to spy on children (stock image)

Consumer experts have revealed that strangers can access the watches, which parents use to call youngsters, to spy on children (stock image)

‘Importers and retailers must know what they stock and sell. These watches have no place on a shop’s shelf, let alone on a child’s wrist.’

The NCC commissioned security experts at the firm, Mnemonic, to look at three watches that are also available in some form in the UK – the Gator, Xplora and SeTracker watches.

The Gator is sold by John Lewis and others for £99.95. The Xplora is sold free on the basis that purchasers sign up to a mobile phone contract charging £12.99 a month for 24 months – £311.76.

The SeTracker devices are part of a family of watches under various individual brands that all use the same mobile app interface.

The NCC tested the Viksfjord, which is available in Norway, but a similar watch is sold in the UK, branded as Witmoving and on sale with Amazon at an offer price of £18.66.

Mnemonic found particular problems with the Gator 2. An updated version called the Gator 3 has some security improvements.

The NCC says the failure to install strict security around the watch functions and apps represent a serious breach of privacy laws.

As a result, they have passed on their findings to European data regulators, including the Information Commissioner’s Office in the UK. These have, in turn, contacted the companies involved.

In the meantime, the NCC has advised parents who have already bought one to stop using it and take it back to the retailer for a refund on the basis of the security faults.

Xplora say they have fixed the security problem identified by the study, but this has not been verified independently.

The products from the two other companies remain available in the UK and the firms have not responded to the NCC about the security warnings.

Colleen Wong, whose company Techsixtyfour distributes the Gator watch in the UK and Europe, said action is being taken to fix the security issues.

She said: ‘I take cyber security very seriously. I have learned that issues will come up along the way and we fix them.

‘I reported this back to the manufacturer and we are launching a completely new app which will eliminate all the issues that have been found.

‘On a user level, there are things in place to prevent any other person getting into the watch.’ 

CHILD SMART WATCHES IN THE DOCK 

Gator 2

Price: £99.95

Available: John Lewis/Amazon/others

Manufacturer: Tech Sixty Four/Gator Group of China

Security problems: Unauthorised access to track wearer; Location spoofing to change the apparent position of the watch/wearer; stranger can send voice messages to watch; SOS button unreliable.

SeTracker watches eg Viksfjord and Witmoving

Price: £18.66 on offer

Available: Amazon

Manufacturer: Wonlex of China

Security problems: Unauthorised access to track wearer; Location spoofing to change apparent position of the watch/wearer; voice call hack means possible to turn watch into listening device without user’s knowledge.

Xplora

Price: £12.99 for 24 months = £311.76

Available: Company website

Manufacturer: Infomark/Pepcall AS of South Korea

Security problems: During testing it was possible to access sensitive personal data belonging to other Xplora users, including location data, names, and phone numbers. It is not known if this issue was restricted to users in Scandinavia. 

 

Read more at DailyMail.co.uk