Watch Your Smartwatch

Abstract

Smartwatches are trending devices that give its users the ability to be connected, send/receive emails and messages, keep track of health and fitness, and even make calls on the go. Despite these benefits, the disadvantages of smartwatches can be equally terrifying. Smartwatches contain sensitive data and useful information that could be misused if a smartwatch gets lost or stolen. This paper develops a framework to do forensics for smartwatches according to three analysis stages: physical, backup, and wireless communication. We followed the proposed framework using Apple Watch. We found that the watch stores a lot of personal information such as contacts details, text messages, calendar details, Emails, pictures, and wallet data including: stored payment cards, gate passes, and event tickets, if any. In addition, the logical acquisition of the backup files revealed to us that more sensitive information such as the user's secure ID, Wi-Fi, Bluetooth, and MAC addresses can be extracted directly from the backup. Therefore, users must encrypt their backup files to keep their personal data secured. Based on our experiment, we believe that a smartwatch can be used as a valuable evidence for forensic investigators and a more advanced framework must be further developed in this emerging field.