Barbie is getting a digital makeover.
Children are able to interact with the doll through a microphone and speaker located on Barbie’s trendy necklace. Rechargeable batteries in her legs allow the doll to play for roughly an hour before she needs to be recharged. Hello Barbie also comes equipped with a hold-to-talk button on her belt buckle to make sure she’s responding only to the child’s commands.
All of Barbie’s words are written by staffers employed by the companies. A smartphone app connects the doll to the Internet, and once Barbie’s online, the child can talk to the doll and his or her words are sent to ToyTalk’s secure server. These collected conversations let the staff know what kids want to say to Barbie and what kinds of responses the staff needs to write.
Through these interactions, Barbie builds a customized cloud-based database of her owner’s likes and dislikes, which she’s then able to incorporate into conversation.
ToyTalk gives parents many controls over their child’s interactions with the doll. For instance, parents choose which topics they don’t want their kids discussing, and Barbie will gracefully switch the conversation away from them. At any time, privacy-minded parents can also opt to have their child’s information deleted from ToyTalk’s databases.
Yet Barbie’s ability to connect online has raised serious questions about the child’s privacy.
Last year, the U.K.-based Vivid Toys unveiled Cayla, which some are calling the first smart doll. Unlike Barbie, Cayla is essentially a Bluetooth headset dressed up as a doll. When she hears her owner’s voice, she sends the words to an app that uses speech recognition software to turn them into text. The app then picks out key words and scours the Internet for a response. Oftentimes, Cayla turns to a Wikipedia entry and begins reading.
“She’s quite cool,” says security researcher Ken Munro. “I really like her! I’ve got three!”
Last month, Munro discovered multiple vulnerabilities in Cayla’s system that allow her to be hacked. Because Cayla uses Bluetooth technology, she’s able to receive phone calls, which in and of itself is a questionable function. But it gets much worse. Munro found that a password wasn’t required to connect Cayla to a smartphone. This means the doll can hook up to any device within Bluetooth range—typically 10 meters, or almost 33 feet. “There could be someone malicious outside the property that could pick up the connection and take it over,” Munro says, meaning strangers could play any audio they want to the child.
Munro found other security problems as well. “Obviously, being a great big kid, all I wanted to do was make the doll swear—which we succeeded in doing,” Munro says. The reason he succeeded: Cayla’s insecure phone application could be easily modified.
Unlike Cayla, all of Hello Barbie’s interactions happen over a secure connection, says Martin Reddy, co-founder of ToyTalk, and he says this makes attacks less likely. But the connection to the server is not the only place where someone with ill intent could reach the child’s communications with the doll; the information also exists on the company’s website.
If a parent chooses, the company will create and store audio files of the child-doll conversations on its website. Oren Jacob, CEO of ToyTalk, says that in order to access the files, parents will have to verify their identity by logging in. If hackers figure out that password, however, the conversations are then accessible to them as well.