- Security TWENTY
- Women in Security
The security of internet-connected ‘smart’ toys has often been raised in the public domain as a cause for concern. A hack could not only provide the ability to spy on the owners of the toys but they could also film them and gain access to personal information, writes Paul Marshall, Chief Customer Officer, at Eseye, an IoT and M2M telecoms company.
When a toy uses Wi-Fi in the home it could be relatively easy to hack and re-programme, so it could be sent instructions to update the firmware or change the way it operates. The hacker is then inside your trusted home security network – with greater ability to explore and hack other connected devices in your home, including your security cameras or alarm system.
While infringement of anyone’s privacy is disturbing, the ability to spy through a smart toy also provides the dangerous ability to not only watch or communicate with a child, but also locate them.
The problems associated with securing connected toys, or any connected devices, are exacerbated by the fact that manufacturers don’t make just one – many make millions of the same thing. This means once somebody has one of those toys, they also have the ability to work out the vulnerabilities in all of those millions of products.
The configuration and certification of connected toys is therefore critical to ensure they are secure. However, providing this capability has been an industry-wide problem for some time. But it can be achieved – by using a SIM, such as the AnyNet Secure, specifically designed as an automated solution to enable connected devices (including toys) to remotely and securely activate, connect, certify and authenticate.
The most important feature of this type of SIM is the ability to provision and launch the device onto a network without any physical contact. This means there’s no need for manual passwords or physical intervention in any way.
It’s a simple way to enable millions of parents to configure millions of toys; when they each register their child’s toy they can deliver their own security requirements directly into the SIM card over the air. Ultimately, the result is a vast reduction in risks for the manufacturer – and more importantly the parent.