Google Fast Pair was launched in 2017 to make it easier to pair audio accessories and smartwatches to Android devices. It has the same quick pairing feature as iOS. But researchers from KU Leuven reported the discovery of a vulnerability in Fast Pair that left accessories vulnerable to hackers.
The vulnerability, named WhisperPair, allows any hacker's device to be paired to a user's device without them knowing. This is because the Fast Pair security protocol is not properly implemented by accessory manufacturers. As a result, not only can audio be eavesdropped, but the microphone can also be activated to listen to two-way conversations.
Google has been notified of this vulnerability and security patch updates have been provided by several manufacturers. However, this is because it requires accessory manufacturers to provide updates to the hardware they release, and this will take time.
