PIN Skimmer- A Software That Uses Your Phone's Camera And Microphone To Leak Your PIN
That front facing camera on your smartphone that shoots brilliant selfies may be revaling your secrets, in more ways than you can imagine. And yes, be very warned of voice calling too, as your mic is an equal accomplice in this game. A team at the University of Cambridge demonstrated PIN Skimmer, a software package for Android via which the codes punched onto your smart's virtual keypad could be leaked out.
Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.
Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.

Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.
Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.
0