iPhone pass code is one if the most in-secure security options available
as compared to Passwords in Android.
Smartphones have become part of our daily life, but it can be dangerous and can be used to reveal our PIN s.
A team of researcher in University of Cambridge found that numbers entered using number only soft keypad could be identified. They used a program called "PIN Skimmer" for this purpose. The software uses Smartphone's front facing camera and mic to see your face and to listen keypad clicks as you type. They used Samsung Galaxy S3 and Nexus S smartphones to carry this test.
According to research the microphone is used to detect the touch events as the user enters the pin. In effect it hears the clicks the phone makes as the a user presses a button on soft number pad. The camera then estimates the orientation of the phone as the user is doing this and "correlates it to the position of the digit tapped by the user.
"We watch how your face appears to move as you jiggle your phone by typing" said Ross Anderson, professor of security engineering at Cambridge University. And more important is "It did surprise us how well it worked" he told. When trying to work out four-digit Pins the program was successful more than 50% of the time after five attempts. With eight-digit Pins the success rate was 60% after 10 attempts.
Many smartphone users have a Pin code to lock their phone but they are increasingly used to access other types of applications on a smartphone, including banking apps. iPhone s have only option of pin codes as security lock and is more easy to break security in this way.
This raises the question of which resources should remain accessible on a phone when someone is entering a sensitive PIN, say the report's authors.
Earlier this year, another security flaw allowed malicious third-party apps to gather data from the smartphone's accelerometer sensors and used it to guess PIN codes and screen lock patterns. Have you ever experienced any similar security issues with your smartphone.? Please share your feedback.
Suggestions:
- Use finger print sensors (becoming available on iPhone 5S and new Droids) and facial recognition for Financial apps.
- Using large numbers for pin code, but it would be hard to remember.
- Use more complex pin codes or randomize the position of the digits.
Source: Phone arena
No comments:
Post a Comment