Instruments in smartphones such as the accelerometer, gyroscope and proximity sensors represent a potential security vulnerability as researchers, including one of Indian-origin, have found that data from these sensors could be used by hackers to guess the security PIN and unlock it.
Using a combination of information gathered from six different sensors found in smartphones and machine learning and deep learning algorithms, the researchers succeeded in unlocking Android smartphones with a 99.5 per cent accuracy within only three tries, said the study.
The researchers believe their work, published in the journal Cryptology ePrint Archive, highlights a significant flaw in smartphone security, as using the sensors within the phones require no permissions to be given by the phone user and are openly available for all apps to access.
Led by Shivam Bhasin of Nanyang Technological University, Singapore (NTU Singapore), the researchers used sensors in a smartphone to model which number had been pressed by its users, based on how the phone was tilted and how much light is blocked by the thumb or fingers.
The team of researchers took Android phones and installed a custom application which collected data from six sensors: accelerometer, gyroscope, magnetometer, proximity sensor, barometer and ambient light sensor.
“When you hold your phone and key in the PIN, the way the phone moves when you press 1, 5 or 9, is very different. Likewise, pressing 1 with your right thumb will block more light than if you pressed 9,” Bhasin said.
The classification algorithm was trained with data collected from a group of people, who each entered a random set of 70 four-digit PIN numbers on a phone. At the same time, it recorded the relevant sensor reactions.
Known as deep learning, the classification algorithm was able to give different weightings of importance to each of the sensors, depending on how sensitive each was to different numbers being pressed.
Although each individual enters the security PIN on their phone differently, the scientists showed that as data from more people is fed to the algorithm over time, success rates improved.
So while a malicious application may not be able to correctly guess a PIN immediately after installation, using machine learning, it could collect data from thousands of users over time from each of their phones to learn their PIN entry pattern and then launch an attack later when the success rate is much higher.
This study shows how devices with seemingly strong security can be attacked using a side-channel, as sensor data could be diverted by malicious applications to spy on user behaviour and help to access PIN and password information, and more, said Professor Gan Chee Lip, Director of the Temasek Laboratories at NTU.
The researchers said mobile operating systems should restrict access to the six sensors in future so that users can actively choose to give permissions only to trusted apps that need them.