PIN and passcode - imperfect science

Frightening new way thieves can steal your PIN and passcode in seconds

Komando - 11 hours ago
Criminals are always looking for new ways to rip us off. Whether it's ransomware, phishing attacks or ATM skimmers, we constantly need to be on the lookout to stay protected.

How thieves can steal your PIN

Researchers have discovered that covering your hand while typing in your PIN code isn't a secure enough procedure. That's because some high-tech thieves are using thermal cameras to steal your PIN.
Here is how it works: after you type in your PIN, a thief can use a thermal camera to photograph the heat marks left behind on the screen. The strength of the heat marks reveals the order in which you typed the numbers. The last number you enter shows up strongest and the first number shows up faintest.
Image: Example of how criminals can steal your PIN using thermal cameras. (Source: University of Stuttgart)
This doesn't only expose the PIN code to unlock your phone either. Thieves can use this technique anywhere you type your credit or debit card PIN, such as a grocery store, gas station or ATM.
Researchers at the University of Stuttgart studied this technique of stealing PIN codes. They found that they were able to successfully decipher a user's PIN 90 percent of the time if the thermal image was captured within 15 seconds of the PIN being entered.
It's even worse for Android users. The researchers were able to figure out the correct pattern 100 percent of the time for those who use a finger-drawn pattern code. They even had more time to take the thermal image, up to 30 seconds after the pattern was drawn.

How to protect your PIN code

The researchers who discovered this PIN-stealing technique have a very simple solution to stop thieves from getting your code. Here are their suggestions:
  • Smartphone - Simply place your hand on the display screen after entering your PIN. This should remove all thermal traces.
  • Point-of-sale (POS) - When typing your PIN at locations such as a grocery store, gas station or ATM, place a few fingers on buttons that are not part of your code. Hold them there while you type your PIN in and leave them there for a few seconds after. This should make the digits that show up on an infrared picture useless to the scammer. They will not be able to figure out which buttons are actually part of the PIN and which were decoys.
Having a thief steal your PIN code by itself isn't a great danger to you. However, if they have installed a skimmer on a POS and get your PIN, your bank account is in serious trouble.
If it's the PIN to your phone, the thief would need to get their hands on it to cause problems. This is why you should never leave your gadget where someone can take it without your knowledge. Don't leave it on your desk at work, or anywhere for that matter, if you need to leave the room for any purpose.