A look at the security and privacy of Fitbit as a health activity tracker

Jason Orlosky; Onyeka Ezenwoye; Heather Yates; Gina Besenyi

doi:10.1145/3299815.3314468

A look at the security and privacy of Fitbit as a health activity tracker

Jason Orlosky, Onyeka Ezenwoye, Heather Yates, Gina Besenyi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.

Original language	English (US)
Title of host publication	ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference
Publisher	Association for Computing Machinery, Inc
Pages	241-244
Number of pages	4
ISBN (Electronic)	9781450362511
DOIs	https://doi.org/10.1145/3299815.3314468
State	Published - Apr 18 2019
Event	2019 ACM Southeast Conference, ACMSE 2019 - Kennesaw, United States Duration: Apr 18 2019 → Apr 20 2019

Publication series

Name	ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

Conference

Conference	2019 ACM Southeast Conference, ACMSE 2019
Country/Territory	United States
City	Kennesaw
Period	4/18/19 → 4/20/19

Keywords

Health tracker
Perception
Privacy
Security
Validation

ASJC Scopus subject areas

Hardware and Architecture
Software
Computational Theory and Mathematics
Computer Science Applications

Access to Document

10.1145/3299815.3314468

Cite this

A look at the security and privacy of Fitbit as a health activity tracker. / Orlosky, Jason ; Ezenwoye, Onyeka; Yates, Heather et al.
ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference. Association for Computing Machinery, Inc, 2019. p. 241-244 (ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Orlosky, J , Ezenwoye, O, Yates, H & Besenyi, G 2019, A look at the security and privacy of Fitbit as a health activity tracker. in ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference. ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference, Association for Computing Machinery, Inc, pp. 241-244, 2019 ACM Southeast Conference, ACMSE 2019, Kennesaw, United States, 4/18/19. https://doi.org/10.1145/3299815.3314468

@inproceedings{384222dbc3f84e678781646e3906c7b1,

title = "A look at the security and privacy of Fitbit as a health activity tracker",

abstract = "Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit{\textquoteright}s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.",

keywords = "Health tracker, Perception, Privacy, Security, Validation",

author = "Jason Orlosky and Onyeka Ezenwoye and Heather Yates and Gina Besenyi",

note = "Publisher Copyright: {\textcopyright} 2019 Association for Computing Machinery.; 2019 ACM Southeast Conference, ACMSE 2019 ; Conference date: 18-04-2019 Through 20-04-2019",

year = "2019",

month = apr,

day = "18",

doi = "10.1145/3299815.3314468",

language = "English (US)",

series = "ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference",

publisher = "Association for Computing Machinery, Inc",

pages = "241--244",

booktitle = "ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference",

}

TY - GEN

T1 - A look at the security and privacy of Fitbit as a health activity tracker

AU - Orlosky, Jason

AU - Ezenwoye, Onyeka

AU - Yates, Heather

AU - Besenyi, Gina

PY - 2019/4/18

Y1 - 2019/4/18

N2 - Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.

AB - Given the popularity of consumer grade wearable health trackers, there is an increasing need to evaluate their accuracy and security. In this paper, we present the results of a study with 24 participants who used and evaluated a small form factor personal health device, the Fitbit Blaze. Our study includes both the analysis of data taken from an exercise-based experiment and a review of the security risks associated with current protocols used to access Fitbit device data and participant information. In addition to discussion of the FitBit’s accelerometer and pulse data as compared to clinical grade devices, we gathered and analyzed subjective participant data on usability and perception of privacy and security using both quantitative and subjective methods. Results showed that FitBit accuracy was not equivalent to medical grade devices, that a majority of risk comes from potentially fraudulent third party applications, and that users are typically justified in their concerns.

KW - Health tracker

KW - Perception

KW - Privacy

KW - Security

KW - Validation

UR - http://www.scopus.com/inward/record.url?scp=85065905419&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065905419&partnerID=8YFLogxK

U2 - 10.1145/3299815.3314468

DO - 10.1145/3299815.3314468

M3 - Conference contribution

AN - SCOPUS:85065905419

T3 - ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

SP - 241

EP - 244

BT - ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference

PB - Association for Computing Machinery, Inc

T2 - 2019 ACM Southeast Conference, ACMSE 2019

Y2 - 18 April 2019 through 20 April 2019

ER -

A look at the security and privacy of Fitbit as a health activity tracker

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this