Scientists find a way to crack your phone's password using just the accelerometer

Perhaps you like the iOS-style string of numbers for logging into your smartphone. Perhaps you're more of a creative type, and like Android's artistic scribble system. Either way, your phone's internal sensors could be giving away all your secrets.

Cybersecurity experts at Newcastle University have discovered that it's possible to crack a four-digit pin within five guesses using only data collected from various internal phone sensors. But that's not all.

"Most smartphones, tablets, and other wearables are now equipped with a multitude of sensors, from the well-known GPS, camera and microphone to instruments such as the gyroscope, proximity, NFC, and rotation sensors and accelerometer," said Maryam Mehrnezhad, lead author on a paper describing the research. 

"But because mobile apps and websites don't need to ask permission to access most of them, malicious programs can covertly 'listen in' on your sensor data and use it to discover a wide range of sensitive information about you such as phone call timing, physical activities and even your touch actions, PINs and passwords."

Unique motion trace

The team postulated that every touch action - from tapping to scrolling and clicking would induce a unique motion trace. So on a known website, you'd be able to figure out what part of the page a user is clicking on and what they were typing from the motion traces alone.

"Depending on how we type - whether you hold your phone in one hand and use your thumb, or perhaps hold with one hand and type with the other, whether you touch or swipe - the device will tilt in a certain way and it's quite easy to start to recognise tilt patterns associated with 'Touch Signatures' that we use regularly," said Siamak Shahandashti, a co-author on the study.

In tests, the team found that it's possible to crack a four-digit pin with 70 percent accuracy on the first guess and 100 percent by the fifth. 

"It's a bit like doing a jigsaw - the more pieces you put together the easier it is to see the picture," said Shahandashti.

The team says that it has alerted the major phone vendors of the risks to their customers, but that no-one has come up with an answer yet. "It's a battle between usability and security," said Mehrnezhad. 

"One way would be to deny access to the browser altogether but we don't want to lose all the benefits associated with in-built motion sensors."

The full details of the research were published in the International Journal of Information Security.

The results of the study backs recent claims by the University of Michigan and the University of South Carolina that sound waves can be used to hack a phone.

Duncan Geere
Duncan Geere is TechRadar's science writer. Every day he finds the most interesting science news and explains why you should care. You can read more of his stories here, and you can find him on Twitter under the handle @duncangeere.