It’s clear that the Watch will require an iPhone, or at least some kind of iOS device, in order to perform certain functions. Phone calls are the most obvious case, but the same is true of at least some of the exercise apps; the Watch has an accelerometer, but no GPS. Apple is actually clear about this; in the “Made to measure all the ways you move” section of their Features page for the Watch, it says “…it uses the GPS and Wi-Fi in your iPhone to track how far you’ve moved.”
Wait a minute… Did it say “Wi-Fi in your iPhone”? This tells me that the Watch itself has no ability to talk to the Internet except through the iPhone. Probably it talks only Bluetooth. As a result, other than for telling time and some other mundane functions, you’ll need an iPhone nearby, paired with the Watch, and with a sufficient battery charge, in order to use the Watch.
It was authentication that got me thinking about all this. If you want to be at all secure in your use of your computer, you require at least entering a password when you log on. With your phone you require at least a PIN. What about the Apple Watch? What is its authentication mechanism?
I was curious about this and asked Apple. They have not replied, but I will update this story if they do. In the meantime, it’s all speculation, but I think the questions are reasonable, particularly when the Watch may be used with enterprise data and functions.
It’s clear to me now that there will be no authentication functions on the Watch itself. Will there be any need for user authentication on the Watch? That depends on whether there is actually privileged software or sensitive data on the Watch. If you lose the Watch and someone else gets it, you don’t want that person to be able to read data on it or access apps.
If there is data, is it encrypted? That would mean that either they are doing cryptography on the watch CPU or, in addition to the rest of the system on a chip, there is a crypto processor in the Watch. I find both hard to believe.
In fact, there can’t be much of a CPU or RAM or storage on this device, so I suspect the Watch offloads processing to the iPhone if the CPU needs are more than trivial. Siri may be an example of this. Already Siri offloads many functions to the cloud; why shouldn’t the Watch offload them to the iPhone, which could them do its own offloading to the cloud?
So, no biggie? So you’ve got an iPhone anyway? I’m sure there are people who assumed, at least at first impression, that they wouldn’t need their iPhone anymore when they went running. But they’ll need that iPhone for just about anything. Battery dead? Your Watch is just a watch now.
The good news in this is that businesses probably don’t have to worry much about managing the Watch itself. There are new reasons to manage the user data on the iPhone itself more carefully, since some of that may be health data critical to the user. But you should already be careful about that.
For the consumer or business user, I’m less clear on the implications. If someone steals your Watch can they pair it to their own iPhone? Can they get at any of your data?
Incidentally, all this means that there may be no “Find my Apple Watch” app. The watch itself certainly has a unique ID of some kind, but if it has no Wi-Fi I doubt it has a IP address, and therefore you wouldn’t be able to find it directly. It could be that the iPhone tells Apple the IDs of Watches connected to it and that Apple can check this against a list of lost or stolen Watches, but this may not be a place where Apple wants to go.
Apple released very little information Tuesday about the Watch, other than that it’s pretty and horologically advanced. IT abhors an information vacuum, so I am left guessing at how all this works. Got a better idea? Do you know something I don’t? Please let me know in a comment.