Researchers have discovered that it’s possible for hackers to figure out your pin number from the way your device tilt when you type in it.
Newcastle University’s scientists have demonstrated this newly discovered ability and managed to correctly guess a four-digit pin code with 70% accuracy. After they’ve given five attempts per code, they’ve managed to figure out every single pin that was used.
The hack is taking advantage of a loophole that exists in web browsers. Basically, your browser shares a certain amount of information with websites that you visit, and while some sensitive info and access to it require permission from the owner of the device, a lot of data is being shared without question because it’s considered safe for others to know. Turns out that hackers are becoming even craftier, and that every single piece of info, no matter how small, can somehow be used against you.
Still, researchers claim that there’s no real reason for you to worry, as this method of uncovering information, as amazing as it is, isn’t all that useful in the real world.
A researcher from the School of Computing Science, Dr. Maryam Mehrnezhad has said that most devices that we carry around with us have a lot of sensors, including GPS, microphone, gyroscope, cameras, rotation sensors, and even accelerometer, and that most of these sensors’ data is considered safe for sharing, so that hackers can use it to follow what you do, how you hold your phone and alike. Still, even with all of that, it’s really hard for them to really figure out your pin because it needed a lot of time and data for researchers to study before they could guess the pin correctly.
And that’s only when it comes to four-digit pin codes, while many have six digits or even a longer password.
When asked which sensors were they worried about, most people said that camera and location are the biggest sources of their concern, which showed that they don’t even realize how much info the silent sensors can reveal about them. The simplest actions like typing, clicking, holding and scrolling can reveal the way you hold the phone, the way you tilt it when typing in different numbers or letters, and all of that info can be collected by hackers, studied, and then used to correctly guess what you’re typing in.
Google, Apple, and similar browser providers have been notified of the problem, but so far, no one has an answer on how to prevent the misuse of the shared info.
Similar attempts of using phone features, and even parts like batteries and alike have been used in exploit attempts but were discovered and dealt with in the past. Some of the methods used in dealing with such issues included disabling entire features, but some claim that it had to be done. For now, this problem remains.