
Using thermal scanners to steal PIN codes

Inspired by the publications of Michael Zalewski , they suggested that it would be much easier for criminals to steal bank card PIN codes using warm (infrared) scanning technology rather than using traditional video cameras.
This method has many advantages. Unlike using conventional cameras, the system goes unnoticed, and the ability to automate the process using software greatly simplifies the task.
Researchers with 21 volunteers studied the readability of the thermal pattern under the following conditions: PIN-pad buttons are made of plastic and polished metal. It turned out that an attack is almost impossible if the buttons of the PIN-pad are made of metal, in the case when the buttons are made of plastic, it was even possible to easily read the code entry sequence.
![]() | ![]() |
Unresolved questions remain in the work, what is the success of recognition in the case of the presence of repeated digits in the sequence; Is code recognition possible if the user enters additional information, such as transaction amount, recipient, etc.
To date, there is no data on attacks using thermal scanners, but experts suggest that in the future similar schemes of theft of PIN codes are possible, despite the high cost of equipment.
Report Text