If you use a pattern lock to keep your Android phone secure, you might want to consider switching to a PIN, or better yet a fingerprint scanner, as researchers have found (opens in new tab) that patterns are fairly easy to crack.
Pattern lock is currently used by around 40% of Android device owners, who prefer it to PIN codes or text passwords. But according to research from Lancaster University, Northwest University in China, and the University of Bath, attackers can reliably get into your phone in just five attempts.
In fact, they found that the more complex the pattern you use, the easier it is to crack.
Of course, this isn’t pure guesswork on the part of attackers – it involves the use of video recording and computer vision algorithm software.
You're being watched…
According to the researchers, if an attacker was sitting across from you in a public place and spotted you using your phone, all they’d have to do is subtly record you unlocking your phone while pretending to use their own phone.
They’d then be able to use software on their phone that tracks finger movements relative to the position of your phone and produce a small number of possible patterns.
This might sound like an unlikely scenario, but interestingly the researchers found that the recording didn’t have to have a view of your screen, or even show information about the screen size, in order to work.
In fact, this method was found to be effective from up to two and a half meters away, so this isn’t a case of noticing a suspicious individual hovering over your shoulder. It would be fairly easy to achieve in a busy public place, particularly if attackers targeted those who behave like they're performing a magic trick when they unlock their phones.
According to the researchers, this kind of attack could easily be used by thieves who pre-plan their theft to get a phone’s code before taking it.
Out of the 120 unique patterns collected, the researchers were able to use this method to crack 95% of them in less than five attempts.
Keep it simple
Complex patterns, which the researchers classed as those which use more lines between dots, were said to be easier to crack as they greatly helped the finger tracking algorithm narrow down the possible patterns.
Dr Zheng Wang, principle investigator and co-author of the paper, and Lecturer at Lancaster University, said: “Pattern Lock is a very popular protection method for Android Devices.
“As well as for locking their devices, people tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system.
“However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky.”
So how could you avoid falling victim to this kind of attack if you just can’t let that pattern lock go? Well, according to the researchers it’s as simple as making sure you completely cover your hand when you’re unlocking your phone.
Of course, remembering to do that every time is easier said than done.