Security News > 2021 > November > Smartwatches for children are a privacy and security nightmare
Researchers analyzed the security of four popular smartwatches for children and found pre-installed downloaders, weak passwords, and unencrypted data transmissions.
The analysis demonstrates that most of these devices arbitrarily collect and periodically transmit sensitive data to remote servers without the user knowing about it.
The research was conducted by the Dr. Web antivirus team, which looked into Elari Kidphone 4G, Wokka Lokka Q50, Elari FixiTime Lite, and Smart Baby Watch Q19. These are all Android-based smartwatches that are very popular in Russia, and their prices cover a wide range of costs.
The transmitted information includes SIM card info, geolocation data, device info, phonebook contacts, installed apps list, SMS count, and phone calls history.
The researchers discovered that the watch has a weak default password, and all data transmitted between it and the Russia-based server is unencrypted.
Elari FixiTime Lite transmits sensitive data such as GPS coordinates, voicemails, and photos using the unencrypted data transfer protocol.