Security

Security is a top priority for Haptic Harmony. We implement comprehensive measures to protect your ring, your data, and any agent integrations you connect to it.

On-Device Processing

By default, gesture and voice-command recognition happen on-device. Sensitive data never leaves the ring or your paired device unless you explicitly configure a cloud-connected integration.

Encryption

Bluetooth Low Energy communication between the ring and your paired device uses standard BLE encryption. Network communications from the companion software use industry-standard TLS.

MCP Security

Our Model Context Protocol (MCP) integration includes capability-based access control, so an AI agent can only trigger the haptic and gesture actions it's explicitly granted.

Vulnerability Reporting

If you discover a security vulnerability in the firmware, SDK, or this site, please report it responsibly through our GitHub security advisory system or contact us directly through our Discord community.

Security Updates

We release firmware and software security updates as needed and encourage users to keep their ring's firmware up to date. Critical patches are prioritized and released as soon as possible.

Source-Available Transparency

The firmware and SDKs are source-available under GPSL-1.1 — our security implementations are transparent and can be reviewed by the community. We welcome security reviews and contributions from security researchers.

Best Practices

  • Keep your ring's firmware updated to the latest version
  • Use strong authentication for any MCP server you connect the ring to
  • Regularly review which agents and integrations have access to the ring
  • Re-pair the ring if you suspect unauthorized access to a paired device
  • Follow the principle of least privilege when granting agent capabilities

Contact

For security-related questions or to report vulnerabilities, please contact us through our GitHub repository or Discord community.