Wearables' motion analysis to give off PIN codes

July 07, 2016 // By Julien Happich
With the assistance of four graduate students from Binghamton University, Prof. Yingying Chen leading research at the Stevens Institute of Technology has found that PIN codes such as those entered in ATMs or other card-ready devices could be derived from the motion analysis of wrist-worn wearables.

In a paper titled "Friend or Foe?: Your Wearable Devices Reveal Your Personal PIN", the researchers combined data from the embedded sensors found in wrist-worn wearables, such as smartwatches and fitness trackers, and through a proprietary computer algorithm, extracted the motion patterns to match them with the layout of typical key entry pads.

In doing so, they were able to crack private PINs and passwords with 80-percent accuracy on the first try and more than 90-percent accuracy after three tries.

The researchers described two attacking scenarios, both relying on accessing unencrypted sensor data. In an internal attack, attackers would access embedded sensors in wrist-worn wearable devices through malware.

"The malware waits until the victim accesses a key-based security system and sends sensor data back. Then the attacker can aggregate the sensor data to determine the victim's PIN", explained Yan Wang, assistant professor of computer science within the Thomas J. Watson School of Engineering and Applied Science at Binghamton University and a co-author of the study.

In a data sniffing scenario, the attacker could place a wireless sniffer close to a key-based security system to eavesdrop sensor data typically sent over Bluetooth, from the wearables devices to the wearer's associated smartphones.

The researchers conducted 5,000 key-entry tests on three key-based security systems, including an ATM, with 20 adults wearing a variety of technologies over 11 months. The team was able to record millimetre-level information of fine-grained hand movements from accelerometers, gyroscopes and magnetometers inside the wearable technologies regardless of a hand's pose.

Those measurements lead to distance and direction estimations between consecutive keystrokes, which the team's "Backward PIN-sequence Inference Algorithm" used to break codes with excellent accuracy without context clues about the keypad.

This research highlight once more the pressing need for in-device data encryption and secure IoT communications, two very hot topics these days.

Visit the Binghamton University at www.binghamton.edu

Related articles:

Imagination adds security functions to cores for IoT