Your ATM PIN can be stolen by hacking your smartwatch | HT Tech

Your ATM PIN can be stolen by hacking your smartwatch

Wearable devices can be exploited. Attackers can reproduce the trajectories of the user’s hand and recover secret key entries to ATM cash machines, electronic door locks and keypad-controlled enterprise servers

By: IANS
| Updated on: Jul 08 2016, 12:17 IST
image caption
Wearable devices can be exploited. Attackers can reproduce the trajectories of the user’s hand and recover secret key entries to ATM cash machines, electronic door locks and keypad-controlled enterprise servers

Cyber criminals can easily exploit wearable devices such as smartwatches and fitness trackers to steal sensitive information like your ATM PIN or passwords for electronic door locks, warns a new study.

"Wearable devices can be exploited. Attackers can reproduce the trajectories of the user's hand and recover secret key entries to ATM cash machines, electronic door locks and keypad-controlled enterprise servers," said Yan Wang from Binghamton University in the US.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

The researchers combined data from embedded sensors in wearable technologies such as smartwatches and fitness trackers, along with a computer algorithm to crack private PINs and passwords with 80 per cent accuracy on the first try and more than 90 per cent accuracy after three efforts.

Also read
Looking for a smartphone? To check mobile finder click here.

The team conducted 5,000 key-entry tests on three key-based security systems, including an ATM, with 20 adults wearing a variety of technologies over 11 months.

They were able to record millimetre-level information of fine-grained hand movements from accelerometers, gyroscopes and magnetometres inside the wearable technologies regardless of a hand's pose.

Those measurements lead to distance and direction estimations between consecutive keystrokes, which the team's "Backward PIN-sequence Inference Algorithm" used to break codes with alarming accuracy without context clues about the keypad.

"The threat is real, although the approach is sophisticated," Wang said in the paper presented at the "11th ACM on Asia Conference on Computer and Communications Security" conference in China recently.

The researchers did not give a solution for the problem but suggest that developers "inject a certain type of noise to data so it cannot be used to derive fine-grained hand movements, while still being effective for fitness tracking purposes such as activity recognition or step counts".

Wang co-authored the study along with Chen Wang from the Stevens Institute of Technology in New Jersey.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 08 Jul, 12:16 IST
NEXT ARTICLE BEGINS