If a thief snatches your Apple Watch or Android Wear device, he or she will have no problem wiping the wearable clean and pairing it with another smartphone. Do we really need to worry about smartwatch security now?
Apparently the answer is: Yes.
Apple added Activation Lock to the iPhone when it introduced iOS 7 in 2013. The tool prevents unauthorized people from erasing or reactivating an iPhone because it requires the owner's Apple ID and password. The feature, often referred to as a kill switch, has generated positive results by reducing the number of iPhone thefts. Before Activation Lock was available, thieves could steal an iPhone, reset it, and resell it. Now they cannot reset it, which makes stolen iPhones more or less worthless on the street. iPhone thefts, in turn, have declined.
Google and Microsoft added similar features to their Android and Windows Phone platforms, respectively.
The Apple Watch lacks Activation Lock or similar security feature, according to iDownloadBlog. Writer Jeff Benjamin was able to reset his Apple Watch, bypass the security code, and then pair it with a different iPhone under a different Apple ID with no trouble at all.
Why is this a big deal?
It increases the Apple Watch's appeal for thieves.
If the device can be easily reset and paired with a new iPhone, it has value on the street. The wearable is pricey. The entry point is $349 and escalates quickly to $1,099 and beyond, depending on the model. What's perhaps more worrisome than the property loss is the act of theft itself. People are often careless and will leave their iPhones on tables in restaurants, or hold them loosely when walking down the street. It's easy for thieves to snatch them and go without hurting anyone. Not so with the Apple Watch. Thieves will have to rip it off the owner's arm, which could lead to injury or worse.
(Before you ask, your data is relatively safe. First, personal information is protected by a passcode. Second, once the Watch is moved away from the owner's iPhone, it has limited access to personal details.)
To be fair, Google's Android Wear platform suffers from the same lack of security. There are no protections in place whatsoever. It takes only a few moments to reset an Android Wear device and pair it with a new Android smartphone. There are no codes, no passwords, no forced Google ID checks. Nothing. Android Wear smartwatches don't have quite the same visibility the Apple Watch does, nor do they cost as much, but it won't hurt any less to the Android Wear owner who has their watch yanked off.
Bottom line: Your expensive stuff will always be a target for thieves.
In the case of the Apple Watch and Android Wear, it would be nice if Apple and Google put some form of ID check in place to decrease their appeal for criminals. Neither company has commented on the report.
Update. After this article was published, Google sent the following response:
"You can go to your phone and via the Android Wear app, disconnect your sync to the watch." According to Google, this will protect users' data.
[Did you miss any of the InformationWeek Conference in Las Vegas last month? Don't worry: We have you covered. Check out what our speakers had to say and see tweets from the show. Let's keep the conversation going.]