Latest in Blackhat

Image credit:

Researchers crack iPad PINs by tracking the fingers that enter them

45 Shares
Share
Tweet
Share
Save

Sponsored Links

What's the easiest way to find out someone's password? Watch them enter it, of course, using the simple hacking technique known as shoulder surfing. Cameras and software have successfully been used by researchers to automate and improve the accuracy of snooping on smartphone users with such observational methods, but they require a direct line-of-sight to work. Now, as Wired reports, a group at the University of Massachusetts Lowell has developed a way to capture iPad passcodes without needing any kind of on-screen cue. A camera is still required, but because the position of the lockscreen keypad is static, their software references finger movement against tablet orientation to estimate the PIN by the way it's entered.

Using Google Glass to emphasize how this could done quite inconspicuously, researchers found video from the wearable could capture a four-digit PIN from three meters away (nearly ten feet) 83 percent of the time (or over 90 percent with a little human help). Figures were similar using one of Samsung's camera-equipped smartwatches, and at the same distance, video from an iPhone 5 increased the success rate to 100 percent. Better cameras unsurprisingly produced better results, and at 44 meters (around 144 feet), a $700 camcorder and a little elevation also scored 100 percent on the test. Understanding that some might be genuinely worried about this kind of carry on, the same researchers are currently developing an Android app that randomizes the layout of the PIN-entry keypad, which they plan to release at the same time they present their work at the Black Hat USA conference in August.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
45 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's 2019 Back-to-School Guide

Engadget's 2019 Back-to-School Guide

View
YouTube is removing its direct messaging feature in September

YouTube is removing its direct messaging feature in September

View
Walmart sues Tesla after solar panels catch fire at stores

Walmart sues Tesla after solar panels catch fire at stores

View
Nikon updates its SnapBridge app for faster image transfers

Nikon updates its SnapBridge app for faster image transfers

View
A fourth 'Matrix' movie is happening

A fourth 'Matrix' movie is happening

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr