Security
Security is a top priority for Haptic Harmony. We implement comprehensive measures to protect your ring, your data, and any agent integrations you connect to it.
On-Device Processing
By default, gesture and voice-command recognition happen on-device. Sensitive data never leaves the ring or your paired device unless you explicitly configure a cloud-connected integration.
Encryption
Bluetooth Low Energy communication between the ring and your paired device uses standard BLE encryption. Network communications from the companion software use industry-standard TLS.
MCP Security
Our Model Context Protocol (MCP) integration includes capability-based access control, so an AI agent can only trigger the haptic and gesture actions it's explicitly granted.
Vulnerability Reporting
If you discover a security vulnerability in the firmware, SDK, or this site, please report it responsibly through our GitHub security advisory system or contact us directly through our Discord community.
Security Updates
We release firmware and software security updates as needed and encourage users to keep their ring's firmware up to date. Critical patches are prioritized and released as soon as possible.
Source-Available Transparency
The firmware and SDKs are source-available under GPSL-1.1 — our security implementations are transparent and can be reviewed by the community. We welcome security reviews and contributions from security researchers.
Best Practices
- Keep your ring's firmware updated to the latest version
- Use strong authentication for any MCP server you connect the ring to
- Regularly review which agents and integrations have access to the ring
- Re-pair the ring if you suspect unauthorized access to a paired device
- Follow the principle of least privilege when granting agent capabilities
Contact
For security-related questions or to report vulnerabilities, please contact us through our GitHub repository or Discord community.