A look at the security and privacy of Fitbit as a health activity tracker

Jason Orlosky, Onyeka Ezenwoye, Heather Yates, Gina Besenyi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.

Original languageEnglish (US)
Title of host publicationACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference
PublisherAssociation for Computing Machinery, Inc
Pages241-244
Number of pages4
ISBN (Electronic)9781450362511
DOIs
StatePublished - Apr 18 2019
Event2019 ACM Southeast Conference, ACMSE 2019 - Kennesaw, United States
Duration: Apr 18 2019Apr 20 2019

Publication series

NameACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

Conference

Conference2019 ACM Southeast Conference, ACMSE 2019
CountryUnited States
CityKennesaw
Period4/18/194/20/19

Fingerprint

Health
Accelerometers
Experiments

Keywords

  • Health tracker
  • Perception
  • Privacy
  • Security
  • Validation

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Computational Theory and Mathematics
  • Computer Science Applications

Cite this

Orlosky, J., Ezenwoye, O., Yates, H., & Besenyi, G. (2019). A look at the security and privacy of Fitbit as a health activity tracker. In ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference (pp. 241-244). (ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference). Association for Computing Machinery, Inc. https://doi.org/10.1145/3299815.3314468

A look at the security and privacy of Fitbit as a health activity tracker. / Orlosky, Jason; Ezenwoye, Onyeka; Yates, Heather; Besenyi, Gina.

ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference. Association for Computing Machinery, Inc, 2019. p. 241-244 (ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Orlosky, J, Ezenwoye, O, Yates, H & Besenyi, G 2019, A look at the security and privacy of Fitbit as a health activity tracker. in ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference. ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference, Association for Computing Machinery, Inc, pp. 241-244, 2019 ACM Southeast Conference, ACMSE 2019, Kennesaw, United States, 4/18/19. https://doi.org/10.1145/3299815.3314468
Orlosky J, Ezenwoye O, Yates H, Besenyi G. A look at the security and privacy of Fitbit as a health activity tracker. In ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference. Association for Computing Machinery, Inc. 2019. p. 241-244. (ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference). https://doi.org/10.1145/3299815.3314468
Orlosky, Jason ; Ezenwoye, Onyeka ; Yates, Heather ; Besenyi, Gina. / A look at the security and privacy of Fitbit as a health activity tracker. ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference. Association for Computing Machinery, Inc, 2019. pp. 241-244 (ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference).
@inproceedings{384222dbc3f84e678781646e3906c7b1,
title = "A look at the security and privacy of Fitbit as a health activity tracker",
abstract = "Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.",
keywords = "Health tracker, Perception, Privacy, Security, Validation",
author = "Jason Orlosky and Onyeka Ezenwoye and Heather Yates and Gina Besenyi",
year = "2019",
month = "4",
day = "18",
doi = "10.1145/3299815.3314468",
language = "English (US)",
series = "ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference",
publisher = "Association for Computing Machinery, Inc",
pages = "241--244",
booktitle = "ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference",

}

TY - GEN

T1 - A look at the security and privacy of Fitbit as a health activity tracker

AU - Orlosky, Jason

AU - Ezenwoye, Onyeka

AU - Yates, Heather

AU - Besenyi, Gina

PY - 2019/4/18

Y1 - 2019/4/18

N2 - Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.

AB - Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.

KW - Health tracker

KW - Perception

KW - Privacy

KW - Security

KW - Validation

UR - http://www.scopus.com/inward/record.url?scp=85065905419&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065905419&partnerID=8YFLogxK

U2 - 10.1145/3299815.3314468

DO - 10.1145/3299815.3314468

M3 - Conference contribution

AN - SCOPUS:85065905419

T3 - ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

SP - 241

EP - 244

BT - ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

PB - Association for Computing Machinery, Inc

ER -