Beware! Hackers Can Access Your PINs & Passwords Using Smartphone Sensors!
Researchers have succeeded in unlocking an Android smartphone with a whopping 99.5% accuracy using machine learning algorithms and the smartphone's sensors.
A recent study led by an Indian-origin scientist, Dr Shivam Bhasin, has revealed that your smartphone’s PIN and passwords can be accessed with the help of the smartphone sensors, which can allow them to unlock mobile devices.
A smartphone’s sensors like the gyroscope and proximity sensors are a potential security threat.
Smartphone’s Sensors A Security Threat?
Researchers have succeeded in unlocking an Android smartphone in just under 3 tries with a whopping 99.5% accuracy using machine learning algorithms and the smartphone’s sensors.
Prior to this, the success rate of cracking Android smartphones was 74%. This new technique can guess all the 10,000 possible combinations of a four-digit PIN used to lock mobile devices.
There are six types of sensors found in a normal smartphone. Researchers have used these sensors to find which numbers have been pressed by the users, based on how the phone was tilted and how much light is blocked by the thumb or fingers.
The researchers have highlighted that the sensors are a significant flaw in smartphone security. The smartphone requires no permissions from the user to use its sensors. As such they are open to access by all apps leaving them vulnerable.
The research was carried out on Android phones which came installed with custom applications and data collected from the six common sensors on a smartphone – accelerometer, gyroscope, magnetometer, proximity sensor, barometer and ambient light sensor.
How Was The Research Carried Out?
The use and placement of sensors in an Android smartphone is a major security flaw. Whenever the user is entering a PIN or password, the sensors record the movements that happen when different areas of the smartphone’s screen are touched. E.g. when the number 2 is pressed, the finger will block more light than if the number 8 was pressed.
The researchers used the method of the classification algorithm, and kept training it with the data collected. A random set of four-digit pin numbers were put in a phone and the relevant reactions from the sensors were recorded.
The deep learning classification algorithm was able to allocate different weightings of importance to each of the sensors depending on how sensitive each was to the different numbers being pressed.
This eliminated the factors which were less important and as a result increased the success rate for PIN retrieval. The researchers achieved a whopping 99.5% accuracy.
How To Keep Your Device Safe?
Even though this was an experiment carried out by researchers, it always pays to be safe. Here are some ways you can keep your mobile devices secure;
- Use a PIN with more than four digits.
- An alpha-numeric password is more secure than a PIN.
- Make use of authentication methods like OTPs.
- You can also use two-factor authentication.
- Use biometric security like fingerprints and facial recognition.