How Your PIN And Password Can Be Stolen Using Your Phone’s Movement


Short Bytes: The security researchers at Newcastle University have published a paper that showcases the risks posed by numerous sensors that are a part of modern smartphones. Many of these sensors don’t ask for user’s permission and can act as a spying tool that can be exploited by hackers and malicious websites. The researchers are in touch with industry leaders who are working to take care of this issue.

Your high-end smartphone has tons of new features and sensors. Any new application that you install on your smartphone ask for the camera, microphone, and GPS permission, but what about the other sensors? It’s possible that you don’t know which native app or web app has the access to which sensors.

Based on this security risk posed by the onboard sensors, a team of researchers at Newcastle University has published a paper. The team was able to crack the phone’s four-digit PINs with a surprising 70% accuracy on the first try. The accuracy increased to 100% by the fifth try.

Recommended: Top 10 Worst Passwords Of 2016 You Should Never Keep

The research states that the case of websites being accessed via mobile web browsers is the most troublesome as a malicious site can expose the device to such sensor-based monitoring. By getting the access to such data, a hacker can determine if the target is walking, traveling in a car, or sitting.

Talking to TechCrunch, paper’s lead researcher Dr. Maryam Mehrnezhad said that all the mobile platforms are aware of this issue and they are cooperating to fix this problem.

“We reported it to them, and ever since we’ve been in touch with them, we’ve been trying to fix this problem together. It’s still ongoing research on both sides. But we’re in contact with these communities to figure out the best solution,” she said.

The research team has also contacted major web players like W3C and Mozilla to address the issue. The work needed to fix this issue will be a tough line to walk.

Do you think it’s a major security threat that needs to be addressed in the near future? Share your thoughts with us and become a part of the discussion.

Also Read: Facebook Just Launched A New Open Source Tool For Recovering Passwords Easily
Adarsh Verma

Adarsh Verma

Fossbytes co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email — [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job