Malicious software uses camera and mic to reveal your PIN code

Malicious software uses camera and mic to reveal your PIN code
Researchers have warned BBC about an unusual security issue in smartphones that could allow wrongdoers to take advantage of your hardware while you enter your most valuable PIN codes. Prof Ross Anderson and Laurent Simon, the authors of a recent report stated that by using a program called PIN Skimmer, they were able to reveal PIN codes on devices such as the Google Nexus S and the Galaxy S3. 

The program functions by taking control of you front-faced camera and microphone, then watches your face and "listens" to touch-events as you enter your PIN code on the virtual keypad. Then the collected data is used to compare the orientation of the phone in relation to the user's face and then determine which keys were pressed.

"We watch how your face appears to move as you jiggle your phone by typing. It did surprise us how well it worked" admitted Proffesor Ross Anderson.

Nowadays, when more and people access their banking accounts via their smartphones, the necessity of additional security measures is bigger than ever. The researchers suggest that smartphone users should either use longer, more complex PIN codes or randomize the position of the digits in order to minimize the risk of them falling victims to malicious software. It is also suggested that facial recognition or fingerprint scanning should be used if available.

Earlier this year, another security flaw allowed malicious third-party apps to gather data from the smartphone's acellerometer sensors and use it to guess PIN codes and screen lock patterns. Have you ever experienced any similar security issues with your smartphone and the precious data you store?

source: BBC News

FEATURED VIDEO

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless