PIN Skimmer- A Software That Uses Your Phone's Camera And Microphone To Leak Your PIN

Ambarish Ganesh

Ambarish Ganesh

@ambarish-PQyoXg Oct 25, 2024
That front facing camera on your smartphone that shoots brilliant selfies may be revaling your secrets, in more ways than you can imagine. And yes, be very warned of voice calling too, as your mic is an equal accomplice in this game. A team at the University of Cambridge demonstrated PIN Skimmer, a software package for Android via which the codes punched onto your smart's virtual keypad could be leaked out.

slide

Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.

Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.
Like 0 Replies 2

Replies

Welcome, guest

Join CrazyEngineers to reply, ask questions, and participate in conversations.

Sign up Log in

CrazyEngineers powered by Jatra Community Platform

  • Saandeep Sreerambatla

    Saandeep Sreerambatla

    @saandeep-sreerambatla-hWHU1M Nov 12, 2013

    We need to design a app to disable camera at times as well. which will prove to be beneficiary in many different ways.

    and also make the mode always off such that, if we are genuinely interested we will switch on the camera 😀
    0
  • micheal john

    micheal john

    @micheal-john-l1fIn3 Nov 17, 2013

    Ambarish Ganesh
    That front facing camera on your smartphone that shoots brilliant selfies may be revaling your secrets, in more ways than you can imagine. And yes, be very warned of voice calling too, as your mic is an equal accomplice in this game. A team at the University of Cambridge demonstrated PIN Skimmer, a software package for Android via which the codes punched onto your smart's virtual keypad could be leaked out.

    slide

    Now how in God's holy name is this possible, you ask? The software prompts the camera to study your face, and its various movements- head alignment and eye movement included, no shit. It then "listens" to the various clicks you click on the screen as you punch in your PIN number. The tests were performed on a Google Nexus S and a Galaxy S3, and the researchers were left stumped by the accuracy of identifying the correct PIN of any person.

    Now hijacking of the camera is getting pretty common, and Prof. Ross Anderson, who's with the department of security engineering at Cambridge University believes that this is a serious threat that should be looked into, for it may sabotage various mobile payment apps. And there are ways in which user can pull off a win over this software- by including random keys or using larger PIN numbers, but the Professor believes that this would downgrade the efficiency of the phone. Other extreme solutions include incorporating facial recognition and fingerprint identification in place of PINs. Tedious, yes, but surely secure.

    is this legal?
    0