Replication Data for: One Tap to Hijack Them All: A Security Analysis of the Google Fast Pair Protocol

Google Fast Pair enables one-tap pairing and account synchronisation across supported Bluetooth accessories. While Fast Pair has been adopted by many popular consumer brands, we discovered that many flagship products have not implemented Fast Pair correctly, introducing a flaw that allows an attacker to hijack devices and track victims using Google's Find Hub network. We introduce WhisperPair, a family of practical attacks that leverages a flaw in the Fast Pair implementation on flagship audio accessories. Our findings show how a small usability 'add-on' can introduce large-scale security and privacy risks for hundreds of millions of users. This artefact provides a testing harness to check for the WhisperPair vulnerability reported in the paper "One Tap to Hijack Them All: A Security Analysis of the Google Fast Pair Protocol" (IEEE S&P 2026).