Smartwatch users might find themselves in danger as one study revealed that cyber criminals can easily exploit pin numbers and passwords through their wearable devices.
According to the study from Binghamton University and the Stevens Institute of Technology entitled “Friend or Foe? Your Wearable Devices Reveal Your Personal PIN,” it is possible for attackers to figure out secret access codes by tracking and measuring “fine-grained” hand movements used when typing security information into wearable devices.
Yan Wang, an assistant professor of computer science at Binghamton University and co-author of the study, said that there are two ways a hacker can track a wearable owner’s hand movements to figure out PINs and passwords: an internal attack that uses malware to access data from embedded sensors in a device; and an external hack employing a wireless sniffer to pick up Bluetooth signals sent between a wearable and an associated smartphone.
The researchers had 5,000 key-entry tests for three different security systems and they were able to successfully crack 80 % of PINs and passwords on the first try. The accuracy of the hacks even rose to more than 90 % with three tries.
With no immediate solution in sight, the researchers said that it is best not to enter security data into wearable devices if there is any chance of being observed either directly or remotely.
The researcher also noted that smartwatches can still be used effectively to monitor physical activities without giving away finer hand motions because the developers find ways to inject certain types of noise.
(Photo Source: Top Tech News)
