I’d like to learn more about Newcastle!

read

Are our pets leaking information about us?

By Newcastle University
 pet cat and dog rest on the grass

We’re a nation of pet owners, and pet tech has increasingly become a responsible way of caring for and protecting our animals. But how might these new technologies be putting our personal data at risk?

What are pet technologies?

The use of pet tech – technology which improves the health, wellbeing, and overall quality of life of pets – is on the rise among the general public. It includes a wide range of products, including GPS location devices, pet cameras, and automatic feeders, which can also be used to dispense medication.

Specific examples of pet tech include wearable devices that monitor a pet's activity levels, heart rate, and sleep patterns, as well as smart feeding systems that dispense food on a set schedule or in response to the animal's behaviour. There are also apps and platforms that allow owners to track and manage their pets' health records and connect with veterinary professionals.

Is pet tech leaking your information?

Computer scientists at Newcastle University and Royal Holloway, University of London have exposed multiple security and privacy issues by evaluating 40 popular Android apps for pets and other companion animals as well as farm animals.

The results show that several of these apps are putting their users at risk by exposing their login or location details.

In a study of animal-related applications, the research team performed static, dynamic, and network traffic analysis on 40 apps (20 pet and 20 farm). The experiments were to assess how the apps perform in terms of privacy and whether any serious security vulnerabilities were present within them.

Password vulnerability was one of the areas exposed by the team. They identified three applications that had the user's login details visible in plain text within non-secure HTTP traffic. This means that anyone is able to observe the internet traffic of someone using one of these apps and will be able to find out their login information. This would enable them to access this app and further user accounts with the same login details. In addition to login information, two of the apps also showed user details, such as their address and exact location, that may enable someone to gain access to their devices and risk a cyber-attack.

Issues with trackers and privacy policies

Another area of concern identified in the study was the use of trackers. All but four of the applications were found to feature some form of tracking software. A tracker is a piece of software that gathers information on the person using the application, on how they use it, or on the smartphone being used.

The scientists also warn that the apps perform very poorly in terms of notifying the user of their privacy policy. Their analysis shows that 21 of the apps are tracking the user in some way before the user even has a chance to consent to this, violating current data protection regulations.

Additionally, the privacy policies were communicated poorly, with only 4 of the apps explicitly requiring the consent of the user after clearly showing the privacy policy. 23 of the apps had no mention of their privacy policy at all.

What precautions are pet tech users taking?

A second study by the research team included a survey of almost 600 participants from the UK, USA, and Germany. The researchers asked questions about the technologies used, incidents that have occurred or participants believe may occur, and the methods used by participants to protect their online security and privacy and whether they apply these to their pet tech.

Published in the journal Proceedings of the 12th International Conference on the Internet of Things, the findings show that participants do believe that a range of attacks may occur targeting their pet tech. Despite this, they take few precautions to protect themselves and their pets from the possible risks and harms of these technologies. There is a clear difference between the number of precautions taken for general online use and pet technologies, among participants. This highlights that users likely take the risks of pet tech devices and systems less seriously and view attacks against them as less of a threat.

Recommendations for Pet Tech Users

The researchers urge those who are using pet tech, to ensure they are using a unique password only for that app, check the settings and consider what data they are sharing. Owners should be aware of the risks and research any new 'Internet of Things' devices they bring into their home. Guides such as Mozilla's `*Privacy Not Included' project are available to help inform consumers on the potential security and privacy risks of these devices.

 

Reference

Harper, M. Mehrnezhad and M. Leach, "Are Our Animals Leaking Information About Us? Security and Privacy Evaluation of Animal-related Apps," 2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Genoa, Italy, 2022, pp. 38-51, doi: 10.1109/EuroSPW55150.2022.00012.

Harper, S., Mehrnezhad, M., & Leach, M. (2022). Security and privacy concerns of Pet Tech Users. Proceedings of the 12th International Conference on the Internet of Things. https://doi.org/10.1145/3567445.3571102


You might also like:


Be the first to read the research stories that matter. Sign up now.

Tags: Data, Research, Research Excellence