Loose wrists shake chips: Your wrist-job could be a PIN-snitch
Smart watch, dumb botch: sensor sensitivity equals insecurity say boffins
Chinese scientists have brewed a way to steal -- with 80 percent accuracy -- automatic teller machine PINs by infecting wearable devices.
Five university boffins demonstrated the trick in a laboratory, finding even the slight hand movements a person makes while entering PINs can be captured through infected smart watches.
The sniffed telemetry data could be later crunched by algorithms to reveal the correct PIN. Subsequent monitoring increases the PIN guessing accuracy to upwards of 90 percent.
Chen Wang of Birmingham University, together with Xiaonan Guo, Yan Wang, Yingying Chen, and Bo Liu of Stevens Institute of Technology, New Jersey, describe their work in the paper "Friend or Foe?: Your Wearable Devices Reveal Your Personal PIN [paywalled].
They say they achieved the accuracy rating over 5,000 pin-entry tests on ATMs and other systems. Twenty subjects wore various wearable devices during the 11-month study in which hardware accelerometers, gyroscopes, and other standard smart device componentry allowed millimeter-accuracy in reading PINs.
"Wearable devices can be exploited," said Wang. "Attackers can reproduce the trajectories of the user's hand then recover secret key entries to ATM cash machines, electronic door locks and keypad-controlled enterprise servers."
An internally-developed backward PIN-sequence inference algorithm then turned the data into PINs with between 80 percent to 90 percent accuracy.
The team wins best paper at the Asia Conference on Computer and Communications Security.
Birmingham University says it is the first technique of its kind that does not require contextual data about the machine on which PINs are entered.
"There are two attacking scenarios that are achievable: internal and sniffing attacks," Wang says.
"In an internal attack, attackers access embedded sensors in wrist-worn wearable devices through malware.
"An attacker can also place a wireless sniffer close to a key-based security system to eavesdrop sensor data from wearable devices sent via Bluetooth to the victim's associated smartphones."
The team recommends generating noise within devices to confuse attackers.
Internet-of-things are known security failures, but the tiny size of the devices can make infection challenging.
The research was funded, in-part, by a grant from the National Science Foundation and the United States Army Research Office. ®