Comments On Kids’ Smartwatch Leaking Location Data

Security researchers found that a cheap smartwatch made in China for children, called M2, was exposing the personal details and location information of more than 5K children and their parents. This is particularly timely with holiday shopping in full swing.


EXPERTS COMMENTS
Terry Ray, Senior Vice President and Fellow ,  Imperva
November 27, 2019
For the personal consumer, it’s hard to know which company you can trust with your data.
The collection of personal data isn’t new nor is the exposure of such data. What makes this exposure interesting is the use of a public facing API to access the data. Gartner noted recently that public facing APIs will be the most frequently used threat vector by 2022 and this is a great example of the growing attraction to APIs. APIs are broadly used in modern applications, often change frequently, sometimes daily, and will continue to grow in their use throughout every major industry. The other issue with APIs is the internal trust model companies use to allow communication between company owned components and internal data storage. Most companies today, trust the API user to access all approved data behind it. This type of implicit trust means that when an API is breached, so is the implicit trust to the sensitive data behind that API. Often times, companies even forego monitoring application and API data access because they assume that data access is secure and trusted, when in fact, this data is actually both sensitive and at risk through such vulnerabilities or misconfigurations. For the personal consumer, it’s hard to know which company you can trust with your data. This isn’t any easier today than it was in recent years past. Consumers should demonstrate their need for data security through their purchasing decisions, and purchase from companies with effective track records of protecting personal consumer data.

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :



Join the Conversation

Join the Conversation


In this article