Beware: Smartwatches and Fitness Trackers may unwittingly give away your ATM PIN

PUBLISHED BY
Anna Domanska



TAGS:


5 years ago




Smartwatches or fitness trackers can give away your passwords and PIN numbers to hackers, according to scientists, who for the first time combined data from the embedded sensors found in wrist-worn wearables, such as smartwatches and fitness trackers to crack private PINs with up to 90 per cent accuracy.

The researchers from Binghamton University and the Stevens Institute of Technology in the US have developed a proprietary computer algorithm that can guess PINs and passwords with remarkable accuracy based solely on motion data to match them with the layout of typical key entry pads.

smartwatches and fitness trackers

In doing so, they were able to successfully crack private PINs and passwords with 80-percent accuracy on the first try and that figure climbed to more than 90-percent accuracy after three tries.

Yan Wang, assistant professor of computer science within the Thomas J. Watson School of Engineering and Applied Science at Binghamton University and a co-author of the study Friend or Foe?: Your Wearable Devices Reveal Your Personal PIN,” said wearables can be can be exploited with the right equipment which allows hackers uncover more or less any secret combination by reproducing the trajectories of what the wearer has manually entered on a keypad to recover the sequence of buttons pressed at an ATM or electronic door lock. Even passwords typed on a keyboard are not considered safe, provided the attackers’ algorithm is advanced enough.

The research team recorded millimetre-level information of hand movements from accelerometers, gyroscopes, and magnetometers inside the wearable technologies to monitor how the wearers wrist moved, whether tapping the pin at a cash point, or entering the Facebook password on the phone. The internally-developed backward PIN-sequence inference algorithm then turns the data into PINs with accuracy without context clues about the keypad.

Though the technique is very advanced, the threat is very real and could compromise the wearer’s security, Wang said.

According to Wang, there are two attacking scenarios that are achievable. The first, called an internal attack that involves malware being installed on the wrist-worn smartwatches or fitness trackers, and then sent back to the hacker to determine a PIN or password. Likewise, the hacker can perform a sniffing attack in which they place a wireless sensor near a key-based security system. The sensor is capable of intruding the data sent through Bluetooth between the user’s wrist wear and a paired smartphone.

The research team conducted 5,000 key-entry tests on three key-based security systems, including an ATM, with 20 adults wearing a range of technologies for over 11 months. The findings are just the first step in understanding security vulnerabilities of wearable devices.

Researchers on the project said they don’t have a solid solution at the moment to prevent the attack but recommended developers to insert noise data which would make it difficult to garner motion data. Another idea, they said would be to enhance encryption to prevent sniffer success.

Or, may be users could just enter PIN and other private data using the other hand.

Avatar
Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

New Shepard Rocket launches Successful Test Liftoff

New Shepard Rocket launches Successful Test Liftoff

The New Shepard rocket by Blue Origin successfully conducted the test launch in the Texas testing site, successfully performing take-off and...
8 hours ago
MIT unveils Modern Design for Hybrid-Electric Airliner

MIT unveils Modern Design for Hybrid-Electric Airliner

Engineers at MIT conceptualized a hybrid-electric plane that would reduce nitrogen oxide emission levels and harmful greenhouse gases signif...
8 hours ago
Store Closures Cost European Retail Giant Primark $1.43 Billion in Sales

Store Closures Cost European Retail Giant Primark $1.43 Billion in Sales

The European retail giant Primark said the COVID-19 had caused a loss of over $1.43 billion (£1.05 billion) in sales from store closures. T...
2 days ago
Goldman Sachs to concentrate on consumer banking arm Marcus for growth

Goldman Sachs to concentrate on consumer banking arm Marcus for growth

Goldman Sachs Group Inc. is firming up plans to bolster its consumer banking arm Marcus through acquisitions and concentrating on digital ba...
2 days ago
General Electric claims Siemens Energy used stolen theft secrets to win contract bids

General Electric claims Siemens Energy used stolen theft secrets to win contract bids

General Electric Co. has accused rival Siemens Energy AG of using stolen trade secrets to rig bids for lucrative contracts supplying gas tur...
2 days ago
U.S. Trade Department Slams Digital Services Tax

U.S. Trade Department Slams Digital Services Tax

The U.S. Trade Representative on Thursday said that the Digital Service Taxes (DSTs) in Spain, Austria and the U.K. is unreasonable and disc...
2 days ago