Our smartphones are our most prized possessions. Maybe not in term of monetary value, but in terms of information, nothing comes close to beating. It is privy to all our sensitive information and has all our accounts. If someone else gets their hands on your smartphone you would think they can’t do anything with it unless they know your pin right? Well, you might be wrong on that account. Smartphone sensors are more powerful than you know and they have the ability to reveal your pin.
Researchers from Singapore’s Nanyang Technological University have created a system that correctly guesses a phone’s PIN, based solely on information provided by smartphone sensors. Dr. Shivam Bhasin is leading the research team that is responsible for developing the system.
They used three people to each enter a random set of 70 four-digit pins on Android smartphones. A custom app was installed on each phone and used the smartphone sensors like the accelerometer, gyroscope, magnetometer, proximity sensor, barometer, and ambient light sensor to gather information.
The collected data was analyzed by a deep learning algorithm and matched sensor readings with numbers on the keypad. “When you hold your phone and key in the PIN, the way the phone moves when you press 1, 5, or 9 is very different,” explains Bhasin. “Likewise, pressing 1 with your right thumb will block more light than if you pressed 9.”
The system was able to correctly guess the pin with 99.5 % accuracy and did not take more than three tries and was able to unlock the phone. Dr. Bhasin believes that people could download malware onto their phone without knowing it and this could provide a third party with the tools to unlock their phones.
Now, this is a scary thought indeed. However, he also presented a solution to the problem and said that mobile operating systems should restrict the access to smartphone sensors and only the users should be able to grant access to the apps they trust.