Many Sex Toy Apps Remain Insecure and Vulnerable to Hacks

0
25

  • Sex Toys can reveal sensitive information about their users via the accompanying application.
  • The new trend is pushing companies to release products quickly, paying no attention to security.
  • Users are advised to pick secure products, as there are some good and safe ones out there.

As sex tech becomes mainstream the concerns around the security of the devices rise. Following the 2019 ban in CES, the field returned to the popular Las Vegas exhibition without limitations this time, and they were admittedly a hit. However, there’s a problem with these smart vibrators, patches, and orgasm monitors. They are all connected to an app, and thus connected to the internet. This makes them inherently vulnerable to hacker attacks, and the problem gets even worse considering that most of the sex toy manufacturers aren’t very well versed or experienced with security.

In this point of time specifically, we are seeing many products in the field that have been developed by one person, or a small team of people who pay no regard to matters of security and user data privacy. In other cases, we have seen products rushed to get ready and presented on CES, trying to take advantage of the hype and ride the wave along with more established players. As experts comment, two out of three sex toy manufacturers right now don’t pay any attention to the security of their products whatsoever.

The main issue here is the APIs that are used by these companies and the apps themselves. Hacking the device would require someone to be nearby, so this is usually not an issue. However, what happens on the application and the data server backend is something out of the users’ reach. Nowadays, we have products that can measure the pelvic floor movement and vaginal wall contractions, estimating the level of the user’s arousal and sending feedback to the app so as to regulate the vibrations and reach optimal performance. When this data is linked with an email address, username, and anything else that could connect it to a real identity, then we have a grave privacy problem.

Some companies like Lovense admit to collect user data, but they claim to wipe the user logs regularly and never to sell them to a third party. Others like MysteryVibe don’t keep data and don’t request the user to create a profile, because they fear that they could get hacked. So, the choice is yours and it’s clear that besides the size, color, and performance promises of your new sex toy, you should also consider the security and user privacy systems that are in place on the accompanying app. If there’s no other way, at least use an anonymous email address and a fake username.