Smartwatches can be a perfectly useful and handy wearable device for some users, but it's good to keep in mind that using them might mean opening yourself to an additional line of attack.
As student Tony Beltramelli has demonstrated for his Master's thesis, it's possible for an attacker to trick the user into installing a malicious app on his or her smartwatch (in his example Sony SmartWatch 3) that would record gyroscope and accelerometer sensor data, and send it to a server controlled by the attacker.
In his case, he didn't manage to make the app send the collected data directly to the server, but to a nearby Android device, and from there the data was sent to the server.
That data can be consequently analyzed, and the attacker is able to guess with above-average accuracy (73%) which buttons the user pressed when, for example, entering his or her PIN in a provided 12-keys keypad (e.g. in a keypad on an ATM).
