Research has suggested that wearable technology could be enabling hackers to discover consumers’ ATM PINs.
A Binghampton University study has shown that hackers need only download the sensor data from wearable devices like the Apple Watch using a program that scrapes data from it. The hacker can then intercept data being sent to the watch via Bluetooth.
Another possibility, says the study, is that hackers will be able to gain access to the accelerometer functions of the watches and study the pattern of movements a person makes at an ATM to discover their PIN.
“The proliferation of wearable devices, e.g., smartwatches and activity trackers, with embedded sensors has already shown its great potential on monitoring and inferring human daily activities,” says the study.
Out of the 5,000 instances of infection that the study tracked, the researchers were able to guess the victim’s PIN with an 80% rate of accuracy on their first time. After three attempts the success rate rose to 90%.
This technique, says the study is “the first that reveals personal PINs leveraging wearable devices without the need for labelled training data and contextual information.”