Several security flaws were found on the Chinese SMA-WATCH-M2 smart watches by AV-Test teams. These vulnerabilities allow access to sensitive information such as the names, addresses and geo-tracking of the owners. This children’s smartwatch is not very secure. Researchers have revealed that the servers hosting the databases are not encrypted and that they reveal various sensitive information.
The watches in question were manufactured and marketed by the Chinese company Shenzhen Smart Care Technology Ltd for only $35. It can be found in several European countries including Poland, Spain, the Netherlands and Germany. It allows parents to track their child’s geo-tracking, make voice calls and define a geographical area not to be exceeded. The watch is thus linked to parents’ smartphones. The smartwatch servers were therefore not secure and do not perform any checks. Finally, communications are not encrypted. Thus, the researchers were able to access the real-time geo-tracking of the children as well as the children’s travel times.