PIN Skimmer- A Software That Uses Your Phone's Camera And Microphone To Leak Your PIN
That front facing camera on your smartphone that shoots brilliant selfies may be revaling your secrets, in more ways than you can imagine. And yes, be very warned of voice calling too, as your mic is an equal accomplice in this game. A team at the University of Cambridge demonstrated PIN Skimmer, a software package for Android via which the codes punched onto your smart's virtual keypad could be leaked out.
Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.
Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.
Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.
Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.
Replies
-
Saandeep SreerambatlaWe need to design a app to disable camera at times as well. which will prove to be beneficiary in many different ways.
and also make the mode always off such that, if we are genuinely interested we will switch on the camera 😀 -
micheal johnAmbarish GaneshThat front facing camera on your smartphone that shoots brilliant selfies may be revaling your secrets, in more ways than you can imagine. And yes, be very warned of voice calling too, as your mic is an equal accomplice in this game. A team at the University of Cambridge demonstrated PIN Skimmer, a software package for Android via which the codes punched onto your smart's virtual keypad could be leaked out.
Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.
Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.
is this legal?
You are reading an archived discussion.
Related Posts
Watch this awesome video! Is it worth spoiling our health or do we need to change?
Hoping for a mixed response!
What are Infrastructure debt bonds? It was in ET today. I could not understand it. The newspaper said, it is long term (5, 10, 15, 20) years. Can anyone tell...
Yamaha's corner at the the Tokyo Motor Show is sizzling with the new concept electric motorcycles and PES1 is definitely the attention seeker. This unimaginably light vehicle weighs a little...
It looks like a lot of people believe that legalising betting and putting up 'tax' on the income made through betting would turn out to be beneficial. CBI direct Sinha...
Samsung and Intel have been developing Tizen - the mobile operating system for quite some time now. At the At the Developer Summit in Seoul, Korea, Samsung revealed the Tizen...