How to steal a bank card PIN through a smart watch



    Student of the University of Copenhagen, Tony Beltramelli [Tony Beltramelli] in his thesis presented a method that allows you to decode the code typed on a 12-button keyboard based on motion sensors "smart" watches. This can be the keyboard of an ATM, intercom, or the screen of a phone locked with a digital code.

    The “smarter” a gadget, the more features in it that can be turned into vulnerabilities and wrapped to the detriment of its owner. We have already written about different ways of tracking smartphone users more than once. Smart watches also prepare a lot of surprises in the field of information security.

    Student work is based on the early development of a teacher from the University of Illinoiswho developed the Samsung Gear Live smartwatch app with a group of students. Their application tracked the movements of the hand with the clock while typing on the keyboard. And although the text is typed with two hands, the movements of one hand can not only determine which buttons the user clicked with the fingers of his left hand, but also try to restore the text he typed.

    When typing on a 12-button keyboard, the task of the application is simplified. The student used the machine learning algorithm of neural networks " Recurrent Neural Network - Long Short-Term Memory ". The application is written for Sony SmartWatch 3, its sources are available on GitHub. Due to the technical limitations of the clock, the data must first be transferred to the smartphone connected to them via Bluetooth, and the latter already sends them to a remote server for processing.

    image
    Sony Smartwatch 3

    According to Beltramelli, the recognition accuracy of dialed numbers reaches 73% for touch screens and 59% for button devices. If you try to use the algorithm with a new device on which the neural network has not yet been trained, the accuracy is around 19%.

    Of course, people usually wear a watch on a less active hand, therefore, most likely a person will enter the card PIN-code in an ATM or terminal with the other hand. But this work shows that gadgets designed to solve some problems in life, sometimes they themselves create new problems.

    Also popular now: