Tilting a Smartphone Gives Away Personal Info

Researchers at Newcastle University in the UK analyzed the movement of a smartphone while the keyboard is being used. They were able to crack passwords with 70% accuracy on the first guess, and 100% on the fifth attempt. This is just by using the data collected via smartphones' numerous internal sensors.

The study acknowledges that people are unaware of the risks and that most users have no idea what sensors actually do on a smartphone. Smartphones and tablets are equipped with a number of sensors like the GPS, camera, microphone, and less known ones like the gyroscope, compass, NFC, and accelerometer, among many others.

"But because mobile apps and websites don’t need to ask permission to access most of them, malicious programs can covertly ‘listen in’ on your sensor data and use it to discover a wide range of sensitive information about you such as phone call timing, physical activities and even your touch actions, PINs and passwords," said Dr. Maryam Merhnezhad, a Research Fellow in the School of Computing Science and lead author on the paper.

Free Monthly Newsletter

Compelling read? Subscribe to FierceEmbeddedTech!

The embedded tech sector runs the market’s trends. FierceEmbeddedTech subscribers rely on our suite of newsletters as their must-read source for the latest news, developments and analysis impacting their world. Sign up today to get news and updates delivered to your inbox and read on the go.

The study indicates that sensors have helped in the boom in mobile gaming and health and fitness apps, which will include those in the Internet of Things (IoT). Researchers found that every user touch action, such as clicking scrolling, holding, or tapping induces a unique orientation and motion trace. This makes snooping people able to determine what part of the page the user was interacting with, and what they were typing.

The team stated that they have alerted major browser providers like Google and Apple regarding risks, but so far, no one has reportedly been able to come up with an answer.

For more details, download Stealing PINs via Mobile Sensors: Actual Risk versus User Perception

Suggested Articles

Samsung Electronics Co., Ltd., has added several software enhancements to its PCIe Gen4 solid state drive (SSD) series, improving SSD performance.

New Western Digital cards are built on 3D NAND

The technology and business issues of hybrid and electric vehicles will be open for debate at the Electric and Hybrid Vehicle Technology Expo and Battery Show…