Smart toys or connected toys are the toys that need to connect to the Internet as part of the toys’
functionality. Smart toys can have one or more of the following: Mic, speaker, Cameras, GPS, Motion
detection sensor, etc. They can you these devices to collect personal information from children including
child name, photos, voice recordings, location, etc. Collecting children personal information is governed
by several Acts and laws such as The Children's Online Privacy Protection Act (COPPA).
Smart toys can either work by themselves or by using companion apps which can increase the
vulnerability surface against children privacy.
Topic 1: Toys/Apps Analysis
In this Topic, you need to investigate the smart toys and Companion Apps to figure out the following:
- Personal identifiable information (PII) they collect
- Security measures they apply to protect the data collection/transmission.
- Ads and analytics services used: which data they collect, security measures they apply.
- Vulnerabilities: weak passwords, online bruteforcing, etc
- Attack trees with possible attacks and proof of concepts.
- COPPA Compliance
(you can read more about COPPA from: [login to view URL]
Hi,
I have 10 years of information security experience and can provide you an excellent researched article.
Relevant Skills and Experience
I hold CISSP and CISM certification and have done MS computer engineering.
Proposed Milestones
$100 CAD - Advance
$122 CAD - Completion
I have got 12 plus years of experience in information Security. I have worked on the security assessments of various IoT devices including smart home devices and associated apps.
Relevant Skills and Experience
Compliance, Vulnerability and risk assessment
Proposed Milestones
$155 CAD - Task delivery