Smartwatches, wearables open door to hackers: study

People who wear smartwatches and connected fitness gadgets can open the door to hackers who could gain access to their data by spying on them as they type, US researchers say.

In a study released this week, University of Illinois researchers said they could use the motion sensors of a smartwatch to determine what users are writing on a keyboard.

The researchers created an application to track the minute motion of keystrokes as a wearer types. The data was fed into a "keystroke detection" program to analyze the timing of each movement and displacement of the watch.

For example, the left wrist moves farther to type the letter T than the letter F. By analyzing these movements, the researchers could often determine the words being typed.

"Sensor data from wearable devices will clearly be a double-edged sword," said Romit Roy Choudhury, a professor of electrical and computer engineering at Illinois.

"While the device's contact to the human body will offer invaluable insights into human health and context, it will also make way for deeper violation into human privacy."

The researchers said a camouflaged application installed on a smartwatch could enabled hackers to gather data typed into emails, search queries or confidential documents.

A Samsung watch was used for the project, but the researchers said that any wearable device that uses motion sensors, such as the Apple Watch or Fitbit, could be vulnerable as well.

The research "demonstrates that sensor data from smartwatches can leak information about what the user is typing on a regular (laptop or desktop) keyboard," according to the research paper presented this week at MobiCom 2015, an international conference in Paris on mobile computing.

"By processing the accelerometer and gyroscope signals, tracking the wrist micro-motions, and combining them with the structure of valid English words, reasonable guesses can be made about typed words."

The researchers said there are limits to how much can be gleaned using this method, but noted there is "early evidence that the magnetic field on the keyboard is quite telling of the position of the wrist," which could allow more detailed analysis of keystrokes.