Projects:2018s1-169 A Better Security Framework for Wearable Devices

Group 169 produced two research topics that are interconnected through wearable technology.

Research Topic 1: Improving the Technical Framework for Childrens Smartwatches Extended Abstract

Research Topic 2: Biometric Profiling of Wearable Devices for Medical Monitoring and Authentication

Authors

Topic 1

Inderbir Singh (Focusing on the Indian Market perspective)

Luke Jennings (Focusing on the Australian Market perspective)

Topic 2

Munirah DeVries

Supervisors

Matthew Sorell

Richard Matthews

== Topic 1: Improving the Technical Functionality of Children’s Tracking Watches ==

Technical Abstract

The objective is to improve the functionality of the children’s safety watch SpaceTalk [1] such that it provides increased safety measures in commonplace Australian social scenarios. Several safety watches have been found in Europe to be more detrimental to safety than intended, and as a result, have come under heavy investigation [2]. Since the technology is rather new and can still have the potential to provide for children’s safety, understanding the issues around them and improving them is vital as the technology moves forward. The challenges involved are that some of the improvements that can be suggested may work for the Australian market, however, if the watch is then taken internationally those improvements may violate international privacy and surveillance laws and become detrimental to child safety. Hence this project is being investigated from two different perspectives. One from the Australian perspective, which is the focus of this paper, and the other from the Indian perspective. Since the two countries have two vastly different social structures, the improvements discovered in each can be combined into a single flexible set of functionality improvements that can be applied internationally.

Contextual Abstract

Under the umbrella of Children’s wearable’s, one team is responsible for identifying the devices that are currently on the market, and are vulnerable due to lack of security. A second team is looking at another specific device, provided by a sponsor organization, which is very good at its technical security but lacks the understanding of its market specialization. Kristine Hovhannisyan (Estonian Student) will be focusing on the legal framework within Estonia and in European market regarding SpaceTalk device. Finally, Luke Jennings and Inderbir Singh (the author) are focusing on a fresh space for a worldwide market with a focus on the following questions: “If we are to develop this device for world market by taking into account of privacy, security and safety, what does that mean in different social and cultural context? What are the implications for these devices and technical implementation requirements with the system?” In other words, the purpose of this research study is to identify cybersecurity vulnerabilities from a humanitarian perspective and redesign the technical functionalities of the watch to be able to satisfactorily deal with social situations in two different cultures, India and Australia, as well as provide data safely, securely, and quickly to law enforcement in the most extreme of cases.

Introduction

There has been a rapid enhancement in technology advancing in the previous decade. This poses a dilemma within and between technological innovation, cyber-crime and legal regulations. From one perspective, technology has such a great influence on serving its purpose and keeping an individual up to date and secure. On the other side, the law is wrestling with either liberating or restraining on such security [2]. In today’s society, children’s smart-watches are available in the market and gaining popularity worldwide. Parents prefer these over smartphones because of a one-size-fits-all approach, technical functionality and sturdiness. This is a fantastic safety device for parents, however, there is the possibility that these devices could be used for malicious purposes. These children’s smartwatches have features that not only allow the parents to control who the child can communicate with through the device, but they can also activate GPS tracking to determine the child’s location at any time [3]. These technical implementations are challenged by different social and cultural contexts, whilst also abiding by the national laws. The laws around surveillance and consent are crucial, and some of the smartwatches available in the market favour functionalities over legal constraints. As such the technical functionalities of these devices must be reformulated to provide a solution to possible security flaws in different environmental scenarios, notably in Australia and India. At the same time, it is pertinent to ensure maximum data and storage security for the device, as well as making the information available to the law enforcement in some extreme cases when required. If any security breaches are identified, the company or manufacturers will be informed so that remediation and counter-measures and be put in place. At the same time, creating a public awareness about possible threats associated with the device so that user’s privacy isn’t compromised is also important.

Background

In Australia one smartwatch acts as a 3G phone has GPS tracking and SMS messaging. Its security features consist of SOS Alerts, where a button can be pressed to call a sequence of guardians or local authorities, as well as contains Safe Places, which alert the parent or guardian if the smartwatch leaves or arrives at a predetermined location. These functions are controlled by an accompanying app, where parents can control the communications the smartwatch has with other phones. The app can be used by multiple family members under a single login, which is one of its largest security issues. Currently, there is nothing to stop or control the access, or other family members who have gained access to the account. Should family relations become strained, the child’s smartwatch now effectively acts as a surveillance device potentially operated with ill-intent. This particular device will be used as a starting point to propose technical solutions. Conversely, in India, there isn't a leading brand of children's smartwatch, and they don’t suffer as much from these situations. Instead, crimes such as abduction and abuse of children are more common and call for a security device that parents can use to ensure the safety of their children. The task at hand is to formulate a flexible technical solution that incorporates the different sets of technical requirements for both environments.

1.1 Research Question

1) Can the technical framework of children’s smartwatches be reformulated to better ensure the safety of the child, or prevent it from being used as an illegal surveillance device in domestic circumstances in Australia? (Being researched by Luke Jennings) 2) Can the technical framework of children’s smartwatches be reformulated to better ensure the safety of the child in extreme scenarios such as kidnapping and abuse, in developing countries like India? 3) Can the data stored by children’s smartwatches be made more readily available to law enforcement such that they can act quickly in extreme circumstances? 4) Provided a solution can be found to questions 1 and 2, can they be combined into a single flexible technical framework that satisfies the requirements for different environmental contexts?

1.2 Motivation

Children’s tracking watches come with many different functionalities, but the main feature that distinguishes them from other devices as a safety device is their ability to allow parents to track their children through GPS on an accompanying smartphone app. This now raises the issues of children’s consent and private data and now involves surveillance tracking laws. This is important to consider because in Europe, many children’s tracking watches have been banned and have called for any of these devices to be destroyed, due to the possibility of their security being broken and being utilised as an illegal surveillance device. Additionally, the features and customer rights when using such devices have also become under investigation [2].

This project is being investigated from two different contexts. The first is the Australian perspective, where it is possible that children’s tracking devices can be misused and utilised as an illegal surveillance device. The second is the Indian perspective, where there is a genuine safety concern because crimes such as kidnapping are much more common as opposed to in Australia. Australia and India both have a different definition of child consent, and different laws regarding surveillance devices. Because of these differences, each country presents different technical requirements to ensure these children's tracking watches comply with their nation's laws and still deliver the primary objective of children's safety.

India is one of the largest developing economy in the world and has a very wide market for technology. It has the largest youth population in the world, every 1 out 5 children in the world is Indian [4]. The individuals in India come from 29 different states, 9 recognized major religions and a range of backgrounds. It has been established that the rate of crimes committed against children in the present time in India is far higher than that against adults, and has only increased over time. It is a given fact that plight of children is not likely to change. A total of 84,423 cases of crime against children were reported in India during 2014 (with an increase of 53.6% from 2013 figure of 58,224). Also, there has also been increasing number of incidents regarding cybersecurity and surveillance (especially unauthorized surveillance) reported in India [5]. The main approach to this project is to identify the severity of threat level in India against children coming from average middle class to upper class where parents can afford a tracking device such as the SpaceTalk smartwatch, and how such device can provide an extra level of security for their children against the safety or security threats that they are likely to face in their daily lives. Any sort of violation or crime against children can be devastating to their mental state, and can imbalance their cognitive, social, physical, and emotional development. It is vital to have a thorough understanding of the types of crimes commonly committed against children in India in order to appropriately asses and reformulate the technical functionality of children’s smartwatches, such as the SpaceTalk smartwatch, with an aim to better ensure the safety of the child in such scenarios.

Previous Studies

Cybersecurity is becoming one of the world’s most prominent areas of study and innovation. It is important to understand the differences between the vulnerabilities, risks and threats associated with cybersecurity. Without a complete understanding of these factors and related issues, an individual is at higher risk of exposure to these threats. There has been a rapid increase in cybercrime, where all businesses are now strongly encouraged to constantly monitor and manage their devices. A recent study from 2014 found that companies in Australia have experienced an increase in data breach by 18 percent within the 24 month period (1 in 5 Australian companies are expected to be attacked in years to come) [6]. Having an anti-virus and other forms of technical protection on devices are just not enough. Therefore, by law and due to ethical obligations, it is a common practice for organizations to undertake reasonable steps to ensure that the private information collected from their clients, business partners is protected and secured in a firewall encrypted database with restricted access. They are also expected to shield their IT/Data systems and the privacy of their clients. Lastly, the human factor is essential to take into account when considering technical measures with IoT devices [7]. Most of the data breaches are associated because of the defects identified within the software’s architecture and system design. Rest are stemmed from the bugs present in the software implementation. There has been an initiative established by IEEE as “IEEE Centre of Secure Design (CSD)” document emphasizing on identifying and preventing software design flaws. The CSD summarizes the top 10 most commonly and repeatedly occurring software security design flaws, as well as a recommendation for mitigating/avoiding them [8].

In October 2017, there was an investigation into children’s smartwatches by the Norwegian Consumer Council (NCC) called #Watchout [2]. Their investigation looked at the features of the apps and devices and the accompanying user terms and consumer rights for four different devices local to the area. Since the devices dealt with the tracking and communication with children, the investigation was greatly concerned with the framework of the devices, to ensure data protection laws and privacy rights of children are upheld. By testing the devices functions and reading any relevant legal documentation provided by the developers of each device, it was found that the safety features of the watches, the geofencing and SOS functions, were unreliable. The data of the children and their parents were also found to be stored in servers overseas, prominently in the US or Asia. The devices had inadequate and unclear user terms, denying users of their basic rights. Three out of four devices failed to ask for permission to collect this sensitive data and none of the devices alert the user to changing terms of service or allow for the deletion of private data records. Some of the devices utilised the same smartphone app. One of the devices even allowed for remote activation of the microphone, allowing it to act as an illegal surveillance device. It was recommended that user terms and agreements should always be provided upon registration of the account. When prompting for consent, never use prechecked boxes and must contain “I have read and accept these terms”. Private data must be used only for the operation of the device and not for other purposes and they must allow for the deletion of location history and other data. Security of processing and storage of private data must also be mentioned in the user terms. In addition to this, many security flaws were discovered which may lead to attackers taking advantage of the device, however for the purpose of this research we only consider the technical implementation of the device functions themselves.

Conversely, in India, the issue about regarding informed consent for minors is more complex, due to child marriages. According to Guardians and Wards Act (GWA), 1890, it clearly states that any person who is not over the age of 18 is a minor. Therefore, the court or appointed authority has the power to choose a guardian for the child by nominating one or removing another. Since then, there haven't been many revisions, with the latest major revision being the Juvenile and Justice (Care and Protection of Children) Act (JJC) in 2000. In 2016, this act was revised to deal with minors aged between 16-18 in the court of law by treating them as adults. The laws and policies around consent in India are outdated, with no evidence of a future reformation to be in-line with current technology. Since Australia and India are two different markets, considering the two different security needs of the children or family while understanding the laws in such environments is crucial in formulating a flexible solution.

Background'

Children’s tracking watches come with many different functionalities, but the main feature that distinguishes them from other devices as a safety device is their ability to allow parents to track their children through GPS on an accompanying smartphone app. This raises the issues of children’s consent and involves surveillance tracking laws.

SpaceTalk is known to be one of the best children tracking device/smartwatch manufactured by MGM wireless in Australia. It acts as a 3G phone consists of GPS tracking capability and SMS messaging feature. The security features of this watch consist of SOS Alerts, where a button can be pressed to call a sequence of guardians or local authorities [13]. It also consists of safe place markup tracked by the GPS which alerts the parent or guardian if the device leaves or arrives at a predetermined location. These features and functions are managed through an accompanying app, where parents or guardian can control the communications that the smartwatch has with other phones. This app can be utilized by multiple family members under a single login, this is definitely considered to be one of the largest security flaws found within this watch. The single login provides no control and full admin access to every individual who has gained access to the account. Bearing this security flaw in mind, should family relations become strained, there is a potential now that children’s smartwatch is now used as a surveillance device with ill-intent. This is important to consider because, in Europe, many children’s tracking watches have been banned and have called for any of these devices to be destroyed, due to the possibility of their security being broken and being utilized as an illegal surveillance device. Conversely, in India, there isn’t a leading brand of children’s smartwatch, and they do not suffer as much from these situations. Instead, crimes such as abduction, rape and abuse towards children are far more common and call for a security device that parents can use to ensure the safety of their children. This particular device will be used as a starting point to propose technical solutions.

In India, as per Criminal Law (Amendment) Act, 2013 has introduced cyberstalking as a criminal offence [5]. The use of tracking devices become illegal once they are utilized without an appropriate consent of the person being tracked. Even including the case where a minor is involved. The issue about regarding informed consent for minors is more complex, due to child marriages. According to Guardians and Wards Act (GWA), 1890, it clearly states that any person who is not over the age of 18 is a minor. Therefore, the court or appointed authority has the power to choose a guardian for the child by nominating one or removing another. Since then, there haven’t been many revisions, with the latest major revision being the Juvenile and Justice (Care and Protection of Children) Act (JJC) in 2015 [14]. The laws and policies around consent in India are outdated, with no evidence of a future reformation to be in-line with current technology.

Solutions

The level of control the app has over the watch needs to be changed. Once a phone has logged into the app and connected with the smartwatch, there is no way to remove that phones access and is connected indefinitely, due to the single account login by design. There is no limit to the number of phones that can log into the parents account and can track the smartwatch at any time. Furthermore, there is no indication on the smartwatch, or app, when the GPS tracking has been activated, or any log for when the device was being tracked, who by, and for how long. There is no override function for the parents to stop other phones from accessing the app. There is no notification on the app that notifies the parents that the watch isn’t being worn so that tracking cannot be activated. Conversely in India, having a notification or override that allows GPS to be activated if the watch is forcibly removed is something that should be added.

Conclusion

Several solutions have been proposed that deal with possible scenarios that may occur, however the problem that is now faced is being able to implement a flexible solution to incorporate the many different security needs. More possible scenarios will be researched to provide a broader understanding on the requirements these devices shall need. Additionally, other similar devices will be researched to see how well they already cope with the scenarios proposed. The result of all this research will be to provide a flexible framework for smartwatches that shall be able to provide security and safety in multiple social environments.

Topic 2: Introduction

Biometric data from wearable devices provides a range of advantages from dynamic authentication to improved hospital grade patient monitoring. Bio- metric data is data that has been collected and processed for the identifica- tion of biological organisms through confirmation of unique characteristics.[1] Due to the unique physiologies of every individual it is proposed that a unique biometric fingerprint can be developed that can replace current au- thentication methods, from passports to passwords. In addition, the long- term monitoring and recording of biometric data would further improve the health care industry by providing physicians with a biological history to tailor better-informed medical advice and diagnosis. It is further proposed that there is a requirement for improved health monitoring devices that are marketed for at-home use. The digitation of Australian health care records is a small step towards at-home management of health care, which can be improved through online doctor-patient con- sultations that are facilitated by uploading biometric data from at-home medical equipment. It is suggested that prevention techniques will be im- plemented more successfully due to patients being better informed through the access of their medical and biometric data.[2]

The Aims

The current study focuses on the extraction of biometric information from non-intrusive wearables. Recreational and popular wearable devices, such as Fitbit and Apple watch, are under investigation due to the consistency in which they are worn, and their commercial in uence on consumers. The aim of the study is to determine the quality of biometric information obtained from the recreational wearables, to understand the devices' limitations, and the future improvements required to target user authentication and clinical- quality biometrics. The following study will initially focus on the children's wearable device, Spacetalk, and its limitations and security features regarding biometric data. Detailed engineering level access to the architecture and ecosystem of the the Spacetalk provides a solid platform for the study. The discoveries and conclusions will develop a foundation to understand the requirements for higher functioning wearables. The paper will continue by exploring current research and technology within the electronic health care system. Other technological applications for the biometric data will be discussed, mainly the idea of a wearable authentication device. This will lead into the analysis of a collection of biometric data obtained from the Fitbit and Apple watch. The analysis will include the processing stages and personalised conclusions which relate to the biological functions and activities of the user. The con- clusions along with unique biometric patterns will provide the basis of the unique user profile. The paper will continue by analysing the limitations of these devices, and thus future improvements that can be implemented for hospital-grade wearables. Suggestions for future research will be provided to conclude the study.

What is Spacetalk

The South-Australian company, MGM wireless, are known for successfully commercialising the use of the SMS automated communication system in 2002. The system facilitated communication between schools and parents, in particular school attendance, monitoring child safety and general parent communications. The company has successfully incorporated the technology across more than 1,350 schools in Australia, New Zealand and America. The company places emphasis on its strict privacy and data security standards which are upheld through complying with the Federal Australian Privacy Act 1998, and ensuring all employees and consultants undergo regular police checks.[3] Their success in child monitoring and security has evolved into a children's wearable device, called Spacetalk, which encompasses both a smartwatch and phone. The Spacetalk device allows parents to monitor and track their children through an app called \AllMyTribe". While the Spacetalk has been well received by parents, exhibited in sales \exceeding expectations"[4], does the watch truly protect the biometric information of the child?

Quasi-biometric Features

The Spacetalk watch incorporates two basic quasi-biometric features, the GPS and pedometer. Due to the simplicity of these features a standard accelerometer and MT6580 processor were implemented into the Spacetalk. The in-app processing of the quasi-biometric data incorporates limitations in the tracking of the user. The logging of GPS locations to the app's history has a minimum setting of every 5 minutes. However, this results in a battery life of approximately seven hours and therefore is not a desirable setting. The GPS history, starting from the moment of pairing the device is currently stored within AllMyTribe's systems, and accessible to parents through the app. Furthermore, the GPS included limited accuracy of a few meters, and the pedometer was observed to be insensitive to steps and resulted in lower than expected values. The limitations of the Spacetalk are beneficial to the security of the child, as the data limits the ability to construct a quasi-biometric profile.

Future Research

From the results of the Spacetalk device, two significant questions propel the future research of wearable devices for patient monitoring and authen- tication. 1. What combinations of biometric data are required to characterise a user through a unique profile? 2. What limitations are placed on the processing of data from the wear- able sensors and how can these be improved to produce clinical-quality biometric data? These questions will be explored by analysing the type and quality of data obtained from the Fitbit and Apple watch, and the types of sensors and data processing features implemented by the devices.

Green-light technology - Apple watch and Fitbit

Unlike the Spacetalk, Apple watch and Fitbit, among other wearables, in- corporate multiple sensors for obtaining a wide range of biometric informa- tion. One of the most common is a photoplethysmography (PPM) which is a green-light-based optical sensor that measures heart rate. The colour of light plays a critical role in the functionality of sensors. Green light is almost completely absorbed by oxy-haemoglobin, resulting in reduced sig- nal distortion of the heart rate measurement.[5] To achieve an engineering level understanding of green light technology as a sensor, a PPM will be constructed and processing techniques will be explored to understand the link between biometric accuracy and PPM data modulation.

Red-light technology - Hospital grade devices

Red-light-based optoelectronic sensors are utilised by hospitals to measure biometrics, such as measuring the amount of oxygen in the blood, and res- piratory rates. Red light is able to penetrate the body, due to its low ab- sorbability, and therefore is able to achieve more insightful data from a larger volume of tissue.[6] Unfortunately, a deeper penetration results in a higher noise distortion of the data, resulting in more complex processing techniques. For this reason, it is not desirable for companies to implement this technology in their wearable devices. This technology is being imle- mented by wearables such as the Biostrap, which utilises red LEDS and infrared PPM to claim clinical{quality heart analysis. Alternative and hy- brid sensor architectures such as red-light sensors, and red and blue light sensors will be explored to understand the device architecture required to obtain a wider range of biometrics for the development of a user profile.

Authentication

Physiological differences in individual's cardio-vascular and respiratory sys- tems are mirrored in the biometric data. Heart rate variability (HRV) is an inherent property of the heart and therefore attempts have been made to utilise it for biometric authentication. Unfortunately, there is a lack of HRV literature targeted towards biometrics.[7] The aim is to collate research among interdisciplinary studies to suggest how physiological properties such as HRV can be used to create an individual profile which can be embedded into a wearable device. The device would other an alternative to two-face authentication as it would essentially be something that knows something about something you are.

Conclusion

Common limitations of wearable devices include, transmission abilities, en- ergy reserve and device memory storage. Previous research has explored algorithms for data management, in particular the transmission of data through wireless interfaces to replace memory storage within the device. The techniques utilised include lossy data compression techniques and the analysis of the techniques complexity and compression performance. These techniques along with previous research and results will be explored to sug- gest suitable methods of data processing for both hospital grade and au- thentication purposes.

References

[1] techopedia. What is biometric data? - definition from techopedia, 2018.

[2] Australian Digital Health Agency. The future of digital health, Feb 2017.

[3] MGM. About us the most trusted name in school sms solutions, 2018.

[4] Alex Zaharov-Reutt. Spacetalk kids' smartwatch phone sales 'exceed expectations', Feb 2018.

[5] Michael Sawh. Red light, green light: Why fitbit's sensor shake-up is a huge deal, Aug 2017.

[6] Optoelectronic sensors in medical applications, Sep 2003.

[7] Nazneen Akhter, Sumegh Tharewal, Vijay Kale, Ashish Bhalerao, and KV Kale. Heart-based biometrics and possible use of heart rate vari- ability in biometric recognition systems. In Advanced Computing and Systems for Security, pages 15{29. Springer, 2016.

--A1687299 (talk) 17:43, 8 April 2018 (ACST)