(So guess what I got for Christmas...)
While I do appreciate the tech and some of the features in the smart watch, I am skeptical of it's biggest feature -- the Pay feature which essentially duplicates your credit card's magnetic info and stores it within the watch (or the phone it is paired with? not sure on that). It is great to just walk up to a payment terminal and bring your wrist close to it and the smart watch does the payment for you by surrendering the stored card info. Not that it is such an awesome feature that I would buy a smart watch for that, but since I have it now I am thinking of using it.
Making my question more generic to all smart watches and IoT devices that have such auto-pay features: from a security standpoint, how safe is it to store your credit card's magnetic info on a smart watch like that? Is it about as safe as storing it on your phone or on a website like Amazon? I worry that a smart watch's OS might be easier for attackers to target since it is more likely to have security vulnerabilities than a more mainstream and major OS like Red Hat or Mac OsX (not saying these don't have major vulnerabilities but still...). So if I have my credit card stored at a bunch of places like Amazon, Android phone, smart watch etc., attackers are more likely to target something like a watch to steal it from. Am I correct in this assumption?
Side note: I confess that I do not yet fully understand how the watch is able to act like a credit card to make payment at terminals. From what little I understand, it stores some limited one-time "payment tokens" that allow it to make payments.