Your Phone's Camera and Microphone Can Reveal Your PIN
Cambridge security researchers have been hacking smartphone passwords using the devices' own cameras and microphones. Laurent Simon and Ross Anderson at the University of Cambridge used an app they called "PIN Skimmer" to capture passwords as they were entered into a Samsung Galaxy S3 and a Google Nexus S, both of which use number-only soft keyboards.
The PIN Skimmer can tell when you're tapping keys by "listening" to clicks via the phone's microphone. It correlates this with a recording of your face through the camera, then analyzes how the orientation of the phone changes from tap to tap. That tells it which part of the screen you're touching—i.e. which number you're pressing.
This kind of attack is known as a "side channel attack," which means it uses the physical properties of the phone. According to the researchers' paper, previous studies have used a phone's accelerometer and gyroscope to collect PINs, but theirs is the first to work with the camera and microphone. When they tested PIN Skimmer with a set of 50 potential four-digit passwords, they found it correctly inferred 30 percent of PINs after two attempts, and more than 50 percent after five attempts. It's worth keeping in mind an iPhone lets you have ten attempts to get your code right. "It did surprise us how well it worked," Anderson, one of the study's authors, told the BBC.
You might argue that a set of 50 PINs is hardly realistic of the infinite number combinations people could choose to lock their phones. That's true in theory, but the researchers point out that most people don't choose their passwords randomly, and the 20 most common four-digit PINs represent about 27 percent of user-selected PINs. If you're still using 1-2-3-4, it might be time for a change.
And using a longer PIN (if your phone allows it) is also no great help against the PIN Skimmer program. In fact, when test sets of 200 passwords were used, it correctly guessed more eight-digit PINs than four-digit PINs after five attempts. That's because the longer the PIN, the more information the program has to work with, and the less likely it is to confuse one password with another.
Senior Member
Posts: 9978
Joined: 2005-02-26
First they need to get the app on my phone, second I have key tones turned off, third I use a pattern unlock AND code lock. Not to mention xprivacy blocks apps from using anything without my say so.
Senior Member
Posts: 4412
Joined: 2008-03-03
well, that isnt new at all..
Also, there are tools out there, in the dark corner of teh webs, you would tzhrow your phone away if u know..
i work with these tools so i can counterfight them..
Me, personally, i wouldnt use this tool. i just need your phone. no pin, no nothing..even when its off. i can kill the pin and make a new one, also puk, and other passwords you might use on your Android device (pattern lock/etc)..
Of course, im not gonna link anything, nor to i answer PM´s with question where u can get this stuff..

im using a virtual framework on my phone..its like a virtual box

also, my system is restricted, even google or system cant phone home, send my data or whatever..(sensors are turned of atm at my Phone, thanks to an special "Framework"

BetA
edit:
@dcx_badass
yes, XPrivacy is a good start..one of the best and valuables tool for android Xposed FM...i would also ad AFwall+ with dinit support and some manuall modifikations to teh rom itself. i made my own rom, cause i was sick of google changing my rom and such..now, google cant do **** on my phone

Senior Member
Posts: 1066
Joined: 2011-12-04
That's precisely why I don't use my mobile for online banking, or pay for goods using NFC.
Often watch the trendies showing off by paying for coffees in the likes of Starbucks using that method, and it practically makes my hair stand on end seeing them do that.
Senior Member
Posts: 19562
Joined: 2010-04-21
What's the point in making it as complex as that? If it has to be installed on phone the begin with, with all those permissions, why not just send back the actual PIN that gets entered instead of all that camera, mic, tilt crap ?
Senior Member
Posts: 1095
Joined: 2010-11-28
So while the way it goes about collecting stuff is different, you'd still have to have the malicious app installed and give it permission for access to your microphone and camera.