A team of computer scientists have found that by using the motion sensors on a smartwatch they could accurately guess a person’s bank PIN number.
Professor Yan Wang and his team at Binghamton University in New York discovered that by creating an algorithm that translates movement data they were able to crack cash machine PINs with 80 per cent accuracy.
Speaking to IEEE Yang revealed his initial surprise at how easy the entire process was.
“I have to admit, at the beginning, I thought this would be science fiction,” said Wang.
“But it can actually be done. There are just so many sensors on these wearable devices. It provides sufficient information of your hand movements.”
The team used three test devices: A LG W150, Moto 360 and the Ivensense MPU-9150.
What they found was that by taking the motion sensors from the smartwatches it was relatively easy to then translate a movement into a specific number on a keypad.
What’s even more concerning is that Yang feels this form of information hacking is relatively easy.
A hacker would simply need a Bluetooth ‘sniffer’ near to the cash machine which can then intercept any of the information being sent from the watch to the host smartphone.
Alternatively a piece of malware, downloaded through a spam email or corrupted app could then infect the smartwatch and start ending the information to the hacker.
Should we be worried? Well Yang says he doesn’t know of any hackers currently using this method but that doesn’t mean it won’t crop up in the future.
To help defend yourself against it he presents a relatively simple solution: Move your hand around between button presses.