Your smartwatch can give away your PIN without you noticing it!

Smartwatches are still niche devices, blending great traditional looks with stylish bands and the best and tiniest of technology. However, along with the numerous functions they offer, they can also be quite a worry at times thanks to their in-built technologies that hackers can explore.

Tony Beltramelli, a research scholar at IT University of Copenhagen, has published a research paper which reveals that movement data collected from sensors within a smartwatch can help hackers discern what is being typed on its keypad, and this information includes your smartwatch PIN.

Buying a smartwatch? Beware of cyber abusers

Smartwatches can be used to make contactless payments, reservations and typing text messages which may include all forms of confidential data like credit card numbers, phone numbers, e-mail addresses and passwords. These details can be accessed by monitoring sensors like accelerometer and gyroscope that are placed inside the watch.

Swatch to integrate timepieces with NFC technology, bypass smartwatch concept

"By their very nature of being wearable, these devices, however, provide a new pervasive attack surface threatening users privacy, among others. The goal of this work is to raise awareness about the potential risks related to motion sensors built-in wearable devices and to demonstrate abuse opportunities leveraged by advanced neural network architectures," said Beltramelli.

If you've got a wrist tattoo, the Apple Watch isn't for you

To test the concept, Beltramelli conducted research on touchlogging and keylogging in smartwatches and these tests revealed success rates of 73 per cent and 59 per cent respectively, which are exactly the probabilities of success for an eavesdropping cyber-criminal trying to decode your passwords.

"Dramatically, these observations imply that a cyber-criminal would be able, in theory, to eavesdropped on any device operated by the user while wearing a WAD. Thus granting access to sensitive and highly valuable information and possibly causing important damages," Beltramelli concluded.

Leave a Comment