Smartphone sensors ‘can reveal PINs and passwords’

pin

A smartphone’s internal sensors may provide cybercriminals with enough information to be able to guess a user PINs and passwords, according to new research by Newcastle University in the UK.

Experts found that PINs and passwords could be deciphered relatively easily this way. Tests carried out by the university, for example, found that cybercriminals could work out a four-digit PIN with 70% accuracy on the first guess.

The authors of the paper, which was recently published in International Journal of Information Security, said this was troubling, more so because many people are unaware of the security risks associated with smartphone sensors.

Moreover, as to what sensors can actually do on a smartphone, the report found that users tend to have very little understanding about their capabilities.

Smartphone sensors vary considerably. They relate to GPS, to cameras and microphones, near-field communication and gyroscope. There can be as many as 25 different types on mobile devices.

“Because mobile apps and websites don’t need to ask permission to access most [sensors], malicious programs can covertly ‘listen in’ on your sensor data,” said lead author Dr Maryam Mehrnezhad, a research fellow in the School of Computing Science at Newcastle University.

She added: “[Cybercriminals] can use it to discover a wide range of sensitive information about you such as phone call timing, physical activities and even your touch actions, PINs and passwords.”

It’s not just smartphones that can reveal sensitive information – other connected and mobile devices, including wearable tech like personal fitness trackers and tablets.

by Narinder Purba, ESET We Live Security


One thought on “Smartphone sensors ‘can reveal PINs and passwords’

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s