A serious vulnerability was discovered in the Norwegian-made children’s watch Xplora, which allowed anyone to send messages to the watch and thus contact the child. The loophole was found by IdentityStream’s CEO, Tore Olav Kristiansen, when he examined his daughter’s smartwatch. Xplora was notified of the flaw and closed the vulnerability shortly after receiving the message.
Kristiansen believes that such a serious security risk should have consequences. The incident highlights the importance of good security in products for children, something the Norwegian Consumer Council has pointed out for years – as early as 2017, they warned about vulnerabilities in smartwatches for children. The case illustrates how critical identity security is, especially when it comes to protecting the youngest users.