Sex toys that use Bluetooth could be vulnerable to being hacked by malicious third parties, the UK government has warned.
Remote sex toys are designed to allow a device to be used in one location while being controlled by someone in another.
Research for the Department for Science, Innovation and Technology said cyberattacks could also cause physical harm, such as overheating the device.
Harm could also be caused through the disclosure of sensitive personal information such as names, sexual or gender orientation, lists of sexual partners, information about device usage, or intimate photos and video. These could be accessible via the apps that control the devices, the research says.
The combination of sex toys and technologies has multiple vulnerabilities which demonstrate a “clear capacity to inflict physical and psychological harm on to unknowing consumers”, the research says.
Vulnerabilities include the Bluetooth connectivity that links the device with a companion app.
The research added: “Sex toys or ‘sexnologies’, the combination of sex and technologies, have multiple vulnerabilities and attack surfaces, demonstrating clear capacity to inflict physical and psychological harm on to unknowing consumers.
“Key technical vulnerabilities include their BLE [Bluetooth low energy] connectivity that links a companion app with the smart device.
“Often these connections are not encrypted, thereby rendering them more vulnerable to attack and/or interceptions from malicious third parties.”
Future concerns revolve around virtual reality and artificial intelligence-powered sex robots, according to the research.
It says: “Future concerns about sexnology increasingly revolve around the capabilities of VR and AI-powered sex robots that come with cameras, microphones, and AI voice analysis, all of which will need to be safeguarded against both physical and potential psychological harms.”
Connected sex toys, femtech, different apps, devices and sensors that aim to improve women’s health, and smart children’s toys, are among devices that are “under-regulated and thus under-secured” and “collect exceptionally sensitive data and therefore pose a high risk of harm to users, including psychological harm”, the research adds.
Vulnerabilities of smart children’s toys include device pairing with no authentication, which means anyone within radius with a Bluetooth device could pair with a toy to operate a microphone or camera, it says.
