
Smartwatches can help hackers steal secret ATM PINs, according to new research from Binghamton University and the Stevens Institute of Technology. In the paper, titled “Friend or Foe? Your Wearable Devices Reveal Your Personal PIN”, the researchers found that smartwatches can be used to record anything you type by monitoring your hand movements.

The researchers developed an algorithm with which they cracked private PINs and passwords with 80% accuracy on the first try and more than 90% accuracy on the third try.
Commenting on the findings, Yan Wang, assistant professor of computer science within the Thomas J. Watson School of Engineering and Applied Science at Binghamton University, who co-authored the report, said, “Wearable devices can be exploited. Attackers can reproduce the trajectories of the user’s hand then recover secret key entries to ATM cash machines, electronic door locks and keypad-controlled enterprise servers.”
The researchers conducted 5000 key-entry tests on three key-based security systems, including an ATM, with 20 adults wearing a variety of technologies over 11 months. In the tests, the researchers recorded millimeter-level information on fine-grained hand movements from accelerometers, gyroscopes and magnetometers inside the wearable technologies. Those measurements gave an estimate of the distance and direction between consecutive keystrokes, which was used to break the PINs. The algorithm used to crack the PINs is called the “Backward PIN-sequence Inference Algorithm”.
“There are two attacking scenarios that are achievable: internal and sniffing attacks. In an internal attack, the hackers access embedded sensors in wrist-worn wearable devices through malware. The malware waits until the victim accesses a key-based security system and sends sensor data back. Then the attacker can aggregate the sensor data to determine the victim’s PIN. An attacker can also place a wireless sniffer close to a key-based security system to eavesdrop sensor data from wearable devices sent via Bluetooth to the victim’s associated smartphones,” Wang elucidated.