x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Malicious software uses camera and mic to reveal your PIN code

Malicious software uses camera and mic to reveal your PIN code

Posted: , by Peter K.

Malicious software uses camera and mic to reveal your PIN code
Researchers have warned BBC about an unusual security issue in smartphones that could allow wrongdoers to take advantage of your hardware while you enter your most valuable PIN codes. Prof Ross Anderson and Laurent Simon, the authors of a recent report stated that by using a program called PIN Skimmer, they were able to reveal PIN codes on devices such as the Google Nexus S and the Galaxy S3. 

The program functions by taking control of you front-faced camera and microphone, then watches your face and "listens" to touch-events as you enter your PIN code on the virtual keypad. Then the collected data is used to compare the orientation of the phone in relation to the user's face and then determine which keys were pressed.

"We watch how your face appears to move as you jiggle your phone by typing. It did surprise us how well it worked" admitted Proffesor Ross Anderson.

Nowadays, when more and people access their banking accounts via their smartphones, the necessity of additional security measures is bigger than ever. The researchers suggest that smartphone users should either use longer, more complex PIN codes or randomize the position of the digits in order to minimize the risk of them falling victims to malicious software. It is also suggested that facial recognition or fingerprint scanning should be used if available.

Earlier this year, another security flaw allowed malicious third-party apps to gather data from the smartphone's acellerometer sensors and use it to guess PIN codes and screen lock patterns. Have you ever experienced any similar security issues with your smartphone and the precious data you store?

source: BBC News

4 Comments
  • Options
    Close




posted on 14 Nov 2013, 04:39 1

1. scriptwriter (Posts: 396; Member since: 13 Nov 2012)


Easiest way around this: Cover up the front camera while unlocking your phone and keep keypad tones off.

Also, this while we need true orientation on phones, similar to what we have on tablets. This would make it even harder to use this method

posted on 14 Nov 2013, 11:38

3. tomn1ce (Posts: 102; Member since: 12 Mar 2012)


I was thinking the same thing as I was reading the article. Why not just cover the front facing camera.

posted on 14 Nov 2013, 05:26 2

2. Finalflash (Posts: 1761; Member since: 23 Jul 2013)


Right so someone has to go through the effort of getting my pin to do what with it... Since I still have the phone. And alphanumeric passwords more than 8 characters are not gonna be guessed by this at all because your eyes can be looking at half the keyboard at any one moment. Also, if you are going through all this effort... Why not just use a key logger since you can probably make one with 5 lines of code instead of the ridiculous heuristics needed for their method? Who comes up with this bs? They either needed filler publications or someone paid them to bs for them?

posted on 15 Nov 2013, 12:28 1

4. RebelwithoutaClue (Posts: 853; Member since: 05 Apr 2013)


Call me a niggler, but why does it show an iPhone screen in the picture when the malware only works on two specific Android phones?

Want to comment? Please login or register.

Latest stories