Beware! Hackers can get hold of PINs and passwords from your smartphone's sensor data
Data from your smartphone sensors can reveal PINs and passwords to hackers and allow them to unlock your mobile devices, according to a study led by an Indian-origin scientist.
Instruments in smart phones such as the gyroscope and proximity sensors represent a potential security vulnerability, said researchers from Nanyang Technological University (NTU) in Singapore.
Using machine learning algorithms and a combination of information gathered from six different sensors found in smart phones, researchers succeeded in unlocking Android smart phones with a 99.5 per cent accuracy within only three tries, when tackling a phone that had one of the 50 most common PIN numbers.
Instruments in smart phones such as the gyroscope and proximity sensors represent a potential security vulnerability, said researchers from Nanyang Technological University (NTU) in Singapore.
Using machine learning algorithms and a combination of information gathered from six different sensors found in smart phones, researchers succeeded in unlocking Android smart phones with a 99.5 per cent accuracy within only three tries, when tackling a phone that had one of the 50 most common PIN numbers.
The previous best phone-cracking success rate was 74 per cent for the 50 most common pin numbers, but NTU's technique can be used to guess all 10,000 possible combinations of four-digit PINs.
Led by Shivam Bhasin, NTU Senior Research Scientist, researchers used sensors in a smart phone to model which number had been pressed by its users, based on how the phone was tilted and how much light is blocked by the thumb or fingers.
The researchers believe their work highlights a significant flaw in smart phone security, as using the sensors within the phones require no permissions to be given by the phone user and are openly available for all apps to access.
Led by Shivam Bhasin, NTU Senior Research Scientist, researchers used sensors in a smart phone to model which number had been pressed by its users, based on how the phone was tilted and how much light is blocked by the thumb or fingers.
The researchers believe their work highlights a significant flaw in smart phone security, as using the sensors within the phones require no permissions to be given by the phone user and are openly available for all apps to access.
The team of researchers took Android phones and installed a custom application which collected data from six sensors: accelerometer, gyroscope, magnetometer, proximity sensor, barometer, and ambient light sensor.
"When you hold your phone and key in the PIN, the way the phone moves when you press 1, 5, or 9, is very different. Likewise, pressing 1 with your right thumb will block more light than if you pressed 9,"
"When you hold your phone and key in the PIN, the way the phone moves when you press 1, 5, or 9, is very different. Likewise, pressing 1 with your right thumb will block more light than if you pressed 9,"
Post a Comment