The topic is not new, but the deception felt towards measures taken by actors of the sector makes it stick: security is to connected devices what a unicorn is to reality: a pipe dream. The BEUC, a gathering of european customer defense organizations, has recently revealed, thanks to a Norwegian study, how children dedicated GPS manufacturers fail to comply with security constraints.
All manufacturers? For us at Weenect, data security is a priority. Here’s our philosophy.
How is your meat stew?
Our trackers are constantly connected to our servers through the embedded SIM card. It is a little more complex than it sounds. Each tracker has a unique identifier that only circulates between the tracker and the server it is connected to. Therefore, a third party trying to interfere is systematically rejected – both by the tracker and the server – if it doesn’t produce this specific identifier. An ancient secret agent trick that efficiently applies to technology.
It is then impossible to pass any kind of request to the tracker without first getting permission from the server: no call, no triggering of the ringtone or vibrator, and of course no unwanted communication tapping. It is also impossible to rig the GPS coordinates sent by the tracker; each position is controlled and validated – telling you when your child went to the bakery instead of going straight home.
Might as well try to find a needle in haystack
GPS coordinates don’t reveal anything as is. Every story needs a main character to unfold and get the reader’s attention. Our apologies to hackers: all our data is anonymous. Geolocation data and user account information are stored on separate servers. It is impossible to link a GPS track to a specific user or tracker.
Sense of ownership
One of the risks identified by the study is multi-account tracking devices, showing that it allows hackers to intercept GPS coordinates. A Weenect tracker can only be linked to one single account, and this rule applies to all trackers. Once the identifier is linked to one account, it cannot be used for another one. Hackers lose again!
Encryption is the secret to a happy life
All the data circulating between your mobile device (through the app) or your computer and our servers are encrypted with the HTTPS protocol. No attempt to interfere between them would succeed: it’s impossible to retrieve information there either! How desperate.
Serving a good cause
Sometimes parents take decisions for their children’s good, even though the children in question may not be aware or agree with these decisions. You’ve experienced this kind of frustration with your passwords. Weenect applies two tedious procedures: after 6 failed attempts, we block your account for 24 hours. We also require certain security practices: passwords must contain at least 8 characters, upper case, lower case, numeric and special characters. It may be annoying but it is necessary to prevent more serious damage.
The right to oblivion
All your data is stored on our main server for 30 days, then migrated to secondary servers, where it is saved for a year (in case of force majeure), and finally deleted for good. Users can request that we delete their data anytime during this period. You ask, we execute.
Ok, we’re bragging about data security, but we are aware that there is no such thing as “risk zero”. Therefore, we work to find better ways to protect your data, but more importantly, we strive to make your children safe. It is our commitment to every family that places their trust in Weenect devices.
Let your children down and they will break the link; we do our best to keep it intact.
For those who don’t know yet our GPS tracker for kids they can discover it here.How Weenect secures his GPS trackers for kids' datas. Click To Tweet