PIN and password can be hacked via Wearable Device

smartwatch

A study reveals that the wearable device is prone to hacking. Unmitigated, ATM PINs and passwords can be hacked through these devices. These results revealed from the study titled “Friend or Foe ?: Your Personal Wearable Devices Reveal Your PIN”.

smartwatch

Scientist at Binghamton University and Stevens Institute of Technology collected data sensors in wearable devices, such as smartwatch and fitness trackers using the algorithm. The goal is to open a gap to obtain a PIN or password.

Researchers conducted an experiment in (key-entry) as much as 5,000 times in 20 adults who use the keyword-based security systems, such as ATMs, for 11 months.

The result is very accurate with an accuracy rate of 80 percent on the first try, and 90 percent after the third attempt.

Researchers have little information recording until the slightest movement of the accelerometer, gyroscope, and magnometer that is in wearable devices without the need to pay attention to his pose.

Researchers consists of Assistant Professor of Computer Science, Yan Wang, followed by Chen Wang, Guo Xiaonan, and Bo Liu of Thomas J Watson School of Engineering and Applied Science at Binghamton University and Head of Research Yingying Chen of Stevens Institute of Technology.

They reveal, this is the first way that can reveal the PIN to exploit information from wearable devices without the need for contextual information

In internal attacks, hackers accessing wearable sensor devices worn on the wrist with malware. Malware will wait until the victim access security system with a password and sends back the sensor data.

In other attacks, hackers put a sniffer on the wireless security system to ‘eavesdrop’ sensor data that is sent to a Bluetooth mobile phone to the victim.

This study is fairly still at an early stage to understand the fragility of the security system of wearable devices.

Although they have yet to find a solution, the researchers suggest to the developers to inject some kind of ‘noise’ so that hackers can not read hand gestures. Developers are also advised to encrypt wearable devices and operating systems. “