Smartphone sensors reveal vital infomation about your security PIN

A recent study unveils that your phone's password is scientifically guessable, as a team at Nanyang Technological University has found a way to unlock the phone by reading its sensor data. Are you friends with a Black Hat? Your phone might work as "The Marauder's Map" for him since it involuntarily stores the key info. But, to achieve this passcode one must have access to the phone to extract the data from 6 different sensors, embedded in its core. Sounds unfeasible? Actually not.

According to a team of researchers, this indeed represents a potential security vulnerability since the team had 99.5 percent success rate while guessing a phone's 4 digits PIN with a book of 50 most densely used PINs and highly sophisticated machine learning and deep learning algorithms. Previously used methods allowed accuracy up to 74 percent but the new method can crack all 10000 possible combinations in three trails. Accept it or not, boon or curse, the new method will eventually put a significant contribution to cryptography related research and probably, permanently put an end to an era where the PIN was the only gateway.

Sensor_info_reveals_smartphone_PINs
Smartphone's sensors can kill your security PINs

Guided by Shivam Bhasin, an NTU Senior Research Scientist, Temasek Laboratories, the team read the patterns depending on their response to a slight tilt or the amount of light, blocked by fingers. Highlighting a serious threat, the research team installed an application which simply accessed the phone's accelerometer, gyroscope, magnetometer, proximity sensor, barometer, and ambient light sensor and collected the unique sensor response, since there is no authentication required to extract this.

According to the team, a pattern of 1-5-9-0 would generate significantly different sensor response compared to 2-3-7-1. Tapping 1 with your right thumb will restrict more light than pressing 9. Giving credits to its data-driven response, the team also mentioned that the algorithm was treated with data collected from three people who each entered 70 random 4 digit PINs. Consequently, the data generated with each input was recorded. The classification algorithm then ranked the sensors as per their performances and thus the response created a unique pattern which ultimately improved in solving a specific key. The algorithm further improves its result once a greater of data is under investigation.

This suggests that a hacker can easily launch a massive attack once he has access to more data. Guess what? Not just it, one can even find your psychological nitty gritty if a deeper study is done which costs much more than the information saved on your phone. To restrict this information loss, the group strictly suggests everyone write stronger PINs and couple them with one-time passwords, two-factor authentications, and fingerprint or facial recognition. The research has been recently published in Cryptology ePrint Archive, as an open source paper.

Source: #-Link-Snipped-#

Replies

You are reading an archived discussion.

Related Posts

Chinese smartphone and PC giant Lenovo has added the new K320t smartphone to its K-series lineup. The phone has been aimed at the budget segment and is being sold at...
Supermassive Black Holes have always been the area of interest for researchers and cosmologists. The year 2017 has witnessed many new research publications which have proved their importance. Recently one...
For those that still religiously read books: The 100 best nonfiction books of all time: the full list
China is gearing up for the launch of Chang'e 4, a set of two unmanned lunar missions which are being seen as the most ambitious and complex moon missions yet...
In a groundbreaking research which is first of its kind, researchers at the Harvard John A. Paulson School of Engineering and Applied Sciences (SEAS) have developed a first single lens...