A recent study conducted by a scientist of Indian origin, Dr. Shivam Bhasin, has revealed that you can access the PIN and passwords of your smartphone with the help of smart phone sensors, which can allow them to unlock mobile devices.
The sensors of a smartphone such as the gyroscope and proximity sensors are a potential security threat.
Sensors for smartphones A threat to security?
Researchers have managed to unlock an Android smartphone in less than 3 trials with an incredible 99.5% accuracy using machine learning algorithms and smart phone sensors.
Prior to this, the cracking success rate of Android smartphones was 74%. This new technique can guess all the 10,000 possible combinations of a four-digit PIN used to block mobile devices.
There are six types of sensors found in a normal smartphone. Researchers have used these sensors to find what numbers have been pressed by users, depending on how the phone has tilted and how much light is blocked by the thumb or fingers.
Researchers have pointed out that sensors are a significant defect in the security of smartphones. The smartphone does not require user permission to use its sensors. As such, they are open to access for all applications, which makes them vulnerable.
The research was conducted on Android phones that come installed with custom applications and data collected from the six common sensors in a smartphone: accelerometer, gyroscope, magnetometer, proximity sensor, barometer and ambient light sensor.
How was the investigation carried out?
The use and placement of sensors in an Android smartphone is a major security flaw. Each time the user enters a PIN or password, the sensors record the movements that occur when touching different areas of the smartphone’s screen. E.g. when the number 2 is pressed, the finger will block more light than if the number 8 was pressed.
The researchers used the classification algorithm method and followed it by training with the data collected. A random set of four-digit pin numbers was placed on a telephone and the relevant reactions of the sensors were recorded.
The deep learning classification algorithm was able to assign different weights of importance for each of the sensors depending on how sensitive each was to the different numbers being pressed.
This eliminated the factors that were less important and as a result increased the success rate for PIN recovery. The researchers achieved an enormous accuracy of 99.5%.
How to keep your device safe?
Although this was an experiment carried out by researchers, it is always worth being safe. These are some ways you can keep your mobile devices safe;
- Use a PIN with more than four digits.
- An alphanumeric password is more secure than a PIN.
- Make use of authentication methods such as OTP.
- You can also use two factor authentication.
- Use biometric security, such as fingerprints and face recognition.