Thermal Attacks on Mobile-based User Authentication

Researchers from the University of Stuttgart and the University of Munich Ludwig-Maximilian created a technique for “thermal attacks”. In this work, they examined the effect of the PIN / Pattern property on its vulnerability to thermal attacks.

The fact is that after typing a PIN or a graphic password on the screen of the mobile device, there remains a heat trace from the user’s hands, which will be clearly discernible for about 30 seconds after dialing. The modern thermal imager (the researchers used a thermal imager with a sensitivity of 0.04 degrees Celsius), is able to “extract” these data (PIN). But despite this, researchers write that to protect themselves from “thermal attacks” is possible, for this it is enough to hold your hand across the screen of the device.

The report (PDF) for this study will be officially presented at the ACM CHI 2017 conference in March 2017.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.