Smartwatches and fitness apps are the rage these days. Whether or not you are really a fitness enthusiast, owning a fitness band or a smartwatch is cool. After all, they are the latest in smart accessories. They serve the purpose of a watch, a calorie counter, as well as an app that motivates you to reach your fitness goals.
Everything Is Smart!
These fitness bands and watches require Internet or WiFi connection, and some of them even let you receive calls and message when you are away from your phone. Because they look stylish, come in a variety of colors, and serve multiple purposes.
As convenient as these devices are, especially for those trying to get into shape, the security of these apps, bands, and watches is a matter of concern, as has been recently experienced by Finnish fitness company, Polar Fitness.
The company has decided to temporarily suspend its global activity map, Explore, after various reports of flaws in the app’s privacy settings. The flaw makes it easy for anyone to determine the location of the users. This is very concerning because the flaw also helps discover the names and addresses of users, including those in the military or intelligence services.
This geolocation privacy problem has been found in many other fitness apps too. Most people are usually concerned about the privacy of websites and networks.
Rarely do people think about the security of the various apps they use. Many people today have adopted modern technology and use smart devices to keep a tab on calories, watch their weight, and get motivated to stay fit.
Hackers are also not far behind in adopting technology to harm people. Fitness apps are a big target of hackers because privacy and security aren’t the first things users of fitness apps think about.
What is Polar Fitness?
Polar is a Finnish fitness company that has been around since 1977 and is best known for their heart rate monitors. A heart rate monitor is not only for those with a heart condition; it is also for those who want to burn more calories and speed up their metabolism.
Polar is a renowned fitness company that also produces GPS-enabled bike computers, fitness and running watches, and performance trackers. Polar Fitness products are designed for all types of physical activity from swimming, to yoga to cross-training for tracking daily activity and calorie consumption.
Polar fitness products are renowned for their accuracy and durability. They are used by all categories of people, from elite athletes and swimmers to fitness professionals to regular fitness conscious individuals.
Polar also has a number of fitness apps, including Polar Flow and Polar Beat. By connecting your Polar fitness watches, heart rate monitor, and tracking bands to these apps on your smartphone, you can keep a tab on your activities, calories, and overall fitness.
The problem in question is with the Explore feature of the Polar Flow app. With the global activity map Explore users can consult the GPS in real time to find new routes, collaborate with other athletes or fitness enthusiasts, and see individual training sessions by choosing the time, route distance, and type of activity.
What is the Issue?
Users of the Polar Flow app can opt to have their information included in Explore, but can also keep their profiles private. Polar claims that marking a profile private will prevent the service from sharing the date with third-party apps like Google and Facebook.
However, the investigation into the privacy breach found that the data from Polar’s map could easily be used to locate sensitive data like military sites, and also find out a user’s name and address. Upon digging deeper it was also possible to locate the names and addresses of users, which included military personnel and intelligence services around the world.
The Polar Explore map records the activity of every user since 2014, and by putting together the information, it was possible to find out the users name, accurate location, and home address.
Even users who had marked their profiles private had their entire workout history public, which could let anyone see their frequent workout locations. The Polar website also has considerable information about specific locations, which could let any normal individual with a little technical prowess to find out the identities of users.
Made the Necessary Changes
Polar Fitness has apologized for the flaw and assured that there was no privacy breach. It has suspended the Explore feature on the Polar Flow app until they can figure out how you tighten privacy on the app.
Earlier this year, another fitness app Strava, was under scanner when it was found that its heat map let anyone find out locations of military and intelligence service personnel in remote locations like Afghanistan and Turkey.
Before using any app, users are advised to be careful about sharing personal information like name and location.