With smartphones used to do everything from send emails to make bank transfers (don’t forget you can still text and make calls from them), the need for them to be secure is as strong now as ever. However, as we use our smartphones to do more work-related jobs and take care of our finances, criminals are eyeing them up as a gateway into our bank accounts.
In fact, scientists at Newcastle University have just proven that hackers can obtain users four-digit pin codes just by the way a person tilts the screen. Staggeringly, the team of hackers cracked the 50 passcodes shown to them with 70% accuracy on the first attempt and 100% accuracy by the fifth go. They do this by obtaining the information from the phone’s gyroscope – the senor that tracks the rotation and orientation of the user’s wrist. The study points to the danger of malicious apps that are set-up in order to gain access to a device’s sensors without the user’s knowledge. By gaining access to the sensors a hacker is able to observe the users habits and deduce his or her password through orientation and motion trace data.
“Most smartphones, tablets, and other wearables are now equipped with a multitude of sensors,” Dr. Maryam Mehrnezhad, a research fellow in the Newcastle University School of Computing Science, said. “But because mobile apps and websites don’t need to ask permission to access most of them, malicious programs can covertly ‘listen in’ on your sensor data.”
“It’s a bit like doing a jigsaw — the more pieces you put together, the easier it is to see the picture,” added Dr. Siamak Shahandashti, co-author on the study.
Thankfully, the days of pin codes seem to be quickly vanishing with fingerprint technology already in place on most devices and face recognition and retina scanning set to become the latest security defence installed on most smartphones.