It’s Pretty Easy to Crack Android’s Pattern Lock

All it takes is a little video and some object-tracking software, researchers find.

By Nathan Collins


(Photo: Jewel Samad/AFP/Getty Images)

Android phones’ “pattern lock” system is supposed to be pretty secure—so secure, in fact, that a few years back the Federal Bureau of Investigation had trouble cracking a suspect’s Android-based phone. Well, that was then, and this is now: A new study has figured out how to break into most phones using just a little bit of smartphone-captured video.

It’s a fairly common spy movie trope, watching someone closely to figure out passcodes, but with recent advances in computer vision, it’s become a reality. For a few years now, computer scientists have been able to figure out passcodes when a screen was at least partially in view—for example, when it was visible in a mirror. More recently, researchers figured out how to crack a phone based on hand movements alone, even when the screen was completely obscured. But what about pattern locks, where users aren’t typing but rather tracing a figure on a screen?

The question arose, as such things often do, at a bar. “[W]e were seeing somebody drawing a pattern at a pub, and we were wondering if we could infer the pattern without seeing the content displayed on the screen,” Zheng Wang, a lecturer in computing and communications at Lancaster University, writes in an email.

It’s not just bar trivia, however. “[W]e are always interested in understanding the vulnerability of authentication methods. The value of this kind of research [is] to inform designers of potential weaknesses to help combat crime such as theft of data, fraud,” and so on.

So, Wang and colleagues set about trying to crack an Android phone. In their approach, an attacker can sit six feet away while surreptitiously recording video on a typical smartphone. Processing that video takes just a few additional steps: identifying the moment when a person unlocks his or her phone; tracking the motion of the target’s fingertip relative to the screen (not a trivial matter, but also not that difficult using modern object recognition algorithms); and then transforming the fingertip movements into a set of candidate patterns to try once an attacker has the phone in hand.

Wang and team tested their method out with the help of 120 patterns submitted by Android phone users, and they reached an alarming conclusion: Not only could they crack 95 percent of those patterns within five attempts, but it was actually easier to figure out more complex patterns than simple ones. More than 80 percent of the most complex patterns—those that are longer, involve more intersecting swipes, and the like—were cracked on the first try, compared with just over half of the simplest patterns.

Although the method works even when there’s a little camera shake and from distances of up to about two meters, there’s one decidedly low-tech thing you can do to defeat the attack: Find something to cover up your finger and your phone when you unlock it.

The researchers will present their work at the Network and Distributed System Security Symposium, to be held in February in San Diego.