We are devastated by the recent media coverage about the misleading Mnemonic report and the concern it may be causing parents and our customers.
Xplora takes privacy and any potential security flaw extremely seriously. We were founded with the mission of giving children a safe onboarding to digital life and encouraging a better balance between screen time and physical activity. We are proud of the trust our customers place in us and keep it top of mind every day.
Since being alerted about a potential issue by a reporter, we developed a patch for the Xplora 4 that eliminates this issue and we pushed it out prior to 8:00 a.m. CET on October 9.
Transparency is important to us, so we want to give you the full story and background.
From the start, we asked parents what they wanted
When we were first developing the Xplora Smartwatch, we sat down with parents around the world and asked them what features they wanted. Parents told us they wanted to be able to reach their children in an emergency. If their child was kidnapped, parents wanted to be able to see them and to know their surroundings. Parents wanted to be able to receive an emergency SOS or place an emergency call even in areas where 4G did not work.
We listened and Xplora (and only Xplora) designed those features into the smartwatch. We had a great manufacturing partner in 360 Kids Guard Co., Limited in Hong Kong, the world’s largest manufacturer of kids watches, for hardware manufacturing. We enhanced the hardware with Xplora specific features, such as the #Goplay platform and other software enhancements.
Before manufacturing began, we took a step back and asked ourselves what could be the unintended consequences? How do we balance parents’ desire for these features with privacy concerns? (and this was even before the new Personal Data Act and the implementation of the EU’s General Data Protection Regulation in Norwegian law).
We realized these features that parents wanted went a bit too far for our comfort and we removed them entirely from our app and from our watches before we started manufacturing them.
Or we thought we did.
Due to human error we missed a few pieces of code in the firmware. Although we removed the ability for users or the average person to access these features, unfortunately, as we found out, some of the code was still there and could be activated with physical access to the smartwatch and specialized tools and knowledge.
To do this, you need to take some pretty impressive steps.
It is important to note that the potential flaw requires physical access to the X4 watch and the watch’s private phone number. The phone number for every Xplora watch is determined when it is activated by the parents with a carrier so only the parents, the carrier and the secure Xplora servers know it.
The encryption key can be identified only if you have local access to the clock. This means that even if the user finds the encryption key of his watch, he cannot use it for another watch to trigger the snapshot.
In the unlikely event that the snapshot command is triggered, the snapshot will be uploaded to Xplora's server at Amazon Web Service in Germany. All the company's servers are located in a highly secure environment of Amazon Web Service, and only two authorized Xplora personnel have access to the system through a secure VPN channel, and every interaction is tracked and monitored.
Let me be clear, unauthorized people cannot access the watch, take photos and send it to themselves.
Only authorized callers can make voice calls to the watch. We block all other phone numbers.
When we were alerted by a reporter (and not the security company – who never reached out to us), we made fixing this a top priority. On Friday, October 9, we released a patch to the firmware which makes it impossible for anyone to activate these capabilities. We conducted an extensive audit since we were notified and have found no evidence of the security flaw being used outside of testing.
We realize you may have concerns. We are happy to answer any questions you may have. Comment here, email us at firstname.lastname@example.org.
We realize some of the trust you have in us has been damaged. We will work tirelessly to restore it and continue on our mission – to help parents better communicate with their children and get them more active.