Pet Apps Creating Security Risks For Owners
Oblivious pet owners could be exposing their location and login details on “vulnerable” apps used for their pets, a new study warns.
Researchers from two renowned English universities found many pet tech apps leave users’ personal information easily accessible and their devices open to cyber attacks.
The analysis shockingly showed that more than half of the apps (21/40) began tracking the user before they had been given a chance to consent to it, which violates data protection regulations.
Password vulnerability was found to be one of the most exposed areas of animal apps, as well as the locations of our cats and dogs on apps that track them.
More than half of the 40 apps studied were also found to have breached data protection regulations by tracking users prior to them having given their consent.
The study’s authors warned that with the rise of devices such as smart collars, tracking apps, automatic feeders and cameras for our beloved family pets comes a multitude of potential security risks not to be ignored.
The research, led by scientists from Newcastle University and Royal Holloway, University of London, studied 40 popular android apps used for pets, companion animals and farm animals.
Pet tech, which applies technology to improve the health, well-being, and overall quality of life of pets, is a fast-growing industry with hundreds of new futuristic products introduced each year.
Such products include wearable devices monitoring pets’ activity, heart rates and sleep; smart feeding systems which dispense food on schedules or in response to an animal’s behavior, and apps that allow owners to manage the health records of their pets and connect with veterinary professionals.
The authors explained they exposed security and privacy issues on several of the apps studied, which put users at risk by exposing their locations or login details.
Across the apps, passwords proved to be one of the most easily accessible assets of information.
The research team found that three of the apps looked at had users’ login details visible in plain text within HTTP traffic – information that passes between a device and the internet – which was not secure.
This means anyone watching the internet traffic of someone using these apps can readily find out their login details.
The researchers further found that two of the 40 apps also displayed users’ information, such as location, which left their devices open and at risk of cyber attacks.
The study, first presented at the 2022 IEEE European Symposium on Security and Privacy Workshops conference, identified trackers as another huge area of concern.
All but four out of the 40 pet-tech apps looked at were found to have some form of tracking software, which gathers information on the person using the software, how it is being used or the device the app is linked to.
The scientists additionally warned of the fact that the apps were very poor in terms of informing users of their privacy policies.
The authors of the study encouraged pet owners to check how much they are agreeing to share prior to signing up for pet tech apps.
Scott Harper, a Ph.D. student at Newcastle University’s School of Computing and the lead author of the study, advised: “Pet tech such as smart collars and GPS trackers for your cat or dog, is a rapidly growing industry and it brings with it new security, privacy, and safety risks to the pet owners.
“While owners might use these apps for peace of mind about the health of their dog or where their cat is, they may not be happy to find out about the risks the apps hold for their own cybersecurity.”
“We would urge anyone using these apps to take the time to ensure they are using a unique password, check the settings and ensure that they consider how much data they are sharing or willing to share.”
A further study by the team surveyed nearly 600 participants from the UK, Germany and the USA.
The survey asked participants about the technologies they used, incidents that have occurred and the methods used by participants to protect their online security and privacy, and whether they apply these to their pet tech.
The findings, published in the journal Proceedings of the 12th International Conference on the Internet of Things, showed that despite participants believing attacks targeting their pet tech apps may occur, they do little to protect themselves and their pets from this potential harm.
Dr. Maryam Mehrnezhad, a co-author of the study from the Department of Information Security at Royal Holloway, added: “We are using modern technologies to improve several aspects of our lives.
“However, some of these often cheap technologies come at the price of our privacy, security, and safety.
“Animal technologies can create complex risks and harms that are not easy to recognize and address.
“In this interdisciplinary project, we are working on solutions to mitigate such risks and allow the animal owners to use such technologies without risk or fear.”
Dr. Matt Leach, Director of the Comparative Biology Centre at Newcastle University added: “We would urge those developing these technologies to increase the security of these devices and applications to reduce the risk of personal information or locations being shared.”
Produced in association with SWNS Talker