Security researchers from Singapore and Germany collaborated to figure out a brand new way of hacking PINs used to unlock smartphones or verify users before letting them into any apps. The method of phone hacking works by tapping into sensor data, which has been tried in the past, but not with the kind of accuracy of this latest attempt.
David Berend, Bernhard Jungk and Shivam Bhasin published their findings in a research paper for the International Association for Cryptologic Research (IACR). As if the security threats we face every day aren’t already enough, the trio figured out a way to unlock a victim’s smartphone within three attempts, and with a success rate of 99.5%.
The demonstrated attack works by collecting data from a smartphone’s sensors and running it through an algorithm to figure out the PIN with scary accuracy. It is laughably easy for any app installed on a smartphone to get sensor data, and it’s not something one would pay much attention to either, unlike turning off permissions for location and microphone tracking.
Bhasin, Berend and Jungk loaded a custom app on an Android smartphone, which collected information from six sensors in the smartphones – accelerometer, magnetometer, ambient light sensor, gyroscope, rotation sensor and barometer – every time they entered a PIN on their smartphone.
The experiment was based on the assumption that when entering a numeric PIN on a smartphone, your taps and hand movements will change from number to number. Even if you only adjust your fingers very slightly to tap in the PIN, the movement is different for each number. So the sensors capture the variances – we are talking fractions of millimeters – every time you enter the number, and your hand is covering different parts of the screen for each number.
The trio had already collected the sensor data in testing for each number. Now they trained an algorithm to figure out which numbers is most likely to have been pressed for a certain set of sensor values – matched to their test models. This way, they could figure out a pin easily. How easily? They could figure out the correct pin 99.5% of the time!
Previous attempts at using this same method maxed out at 74% accuracy, so we’d say this is impressively scary. The researchers consider this a major flaw in smartphone security, since all the sensors used by the researchers’ are available to any Android app without any permission from the user, making it extremely easy for an attacker to implement a similar attack on their victim. The researchers say that smartphone apps should require explicit permissions from the users before being given access to sensor data.