Smart Ring Security

Smart Rings are following Smart Watches as an attractive consumer wearable. Costs and the services offered vary widely but typically include health and exercise tracking. Rings are particularly attractive for this, as a ring is easily adapted to measure factors such as blood pressure or heart rate from the finger. They are also easier to wear throughout the day and night than a Smart Watch and might be allowed in work situations where use of a Smart Watch is not allowed.
There is a wide variety of Smart Ring devices and functionality. The Oura Ring is one of the more popular rings. The latest Gen4 version retails at nearly £500 and, like all Oura Rings, requires a monthly subscription for all but basic monitoring analysis. Although the small size reduces the materials required for its manufacture, it is not repairable and the internal battery cannot be replaced. The Ultrahuman Rare Luxury Smart Ring had the dubious pleasure of winning ‘least repairable device’ at the 2024 Consumer Electronics Show. The $2,200 device has a battery that only lasts 500 charges and cannot be replaced without destroying the device itself.
Some models offer the option of contactless payments. This could be achieved through linking with a connected smartphone and sending payment through a solution such as Apple Pay or Google Pay. At present (February 2025) no Smart Ring payment system works this way. Instead, payments are handled by a passive reading, card payment details having been previously stored on the ring. This is the same system as presenting a debit or credit card for a contactless payment and is just about as secure. The device or card needs to be very close to a store’s reader to accept the payment. A ring might be slightly more convenient as there is no need to search for and present a card or phone. On the other hand, it would not be convenient to keep the ring in a wallet designed to shield from rogue readers.
A potential issue is that, although payment readers have an extremely short range, other devices can read chips from across a room, prompting all devices in range to return their data. This technology has been used to steal details from phones and payment cards; it would be particularly successful with rings as they are more exposed to the hacker’s signals. This type of passive payment is found on some cheaper Smart Rings, but note that even on more expensive devices it is the only option currently available to them if they are to offer smart payments.
A notable event in this field was the closure of the McLear RingPay scheme in August 2024 on the grounds of increasing complexity and costs. Certainly security is a complex issue and any payment system will incur costs from the payment gateway.
The use of any unique chip code within the ring could be expanded. It might be read for identification purposes, such as an identity pass or door key. This would almost certainly be handled by programming at the reader end. It is unlikely to find much traction with users, as an organisation would need to support several rings to make it worth the programming effort. Rings could be swapped between users and, unlike a card, it would be tricky to visually check who is using which ring.
Most device functions concentrate on health and fitness data collection and analysis. Any data could be stored on the ring for later analysis, but a more common and useful implementation is to send data to a nearby smartphone through Bluetooth as soon as it is collected. This enables real-time monitoring but depends on the security of the Bluetooth connection. Ideally any data transferred will first be encrypted on the ring, but with its small size and need to conserve power, high levels of encryption are unlikely. The data transferred from a Smart Ring would be personal but not a high security risk if divulged. This would set the Smart Ring as only slightly less secure than Bluetooth headphones.
There is an issue in that the device receiving signals from the Smart Ring must have its Bluetooth function enabled. This would expose the receiver to Bluejacking and Bluesnarfing, two known attacks that can expose personal data or allow rogue messages to be sent to a compromised device. These attacks can be mitigated through the Bluetooth and security settings on any connected phone.
In summary, a Smart Ring is a low-risk device provided it is not used for payments and the Bluetooth settings on the receiver are set to restrict rogue access.