A new study has revealed just how easy it is for hackers to use the sensors in mobile devices to crack four-digit PINs and to access a wide variety of other information about users.
Cyber-security experts from Newcastle University in the U.K. found that once a mobile user visits a website, code embedded on the page could then use the phone’s motion and orientation sensors to correctly guess the users’ PIN. This worked on the first attempt 75 per cent of the time, and by the third try 94 per cent of the time.
The study, published in the International Journal of Information Security this week, also found that most people have little idea of what the sensors in our phones can do and the security vulnerabilities they pose.
The researchers identified 25 different sensors that are now standard on most phones. Yet websites and apps only ask for permission to use a small fraction of these — GPS and camera, for example.