The Stevens Institute of Technology recently published a study titled “Friend or Foe? Your Wearable Devices Reveal Your Personal PIN,” which revealed how easy it is for hackers to obtain passwords and even bank PINs through fitness trackers or smartwatches. The study found that the accelerometers and gyroscopes in these devices, which are used to track movement and sleep patterns, can also be used to record hand movements and reconstruct passwords and PINs. The researchers conducted an experiment with 20 volunteers who wore smartwatches and fitness trackers for 11 months, during which a software was installed to record the data inside the devices. The software was able to accurately record the hand movements of the users, making it easy for hackers to obtain sensitive information.
The study found that there are two ways in which hackers can obtain passwords and PINs through smartwatches and fitness trackers. The first method involves accessing the sensor data through the internal software, which can then be used to reconstruct the PIN. The second method involves placing a wireless device near an ATM, which can intercept the PIN through the sensor data of the smartwatch if it is connected to the user’s phone via Bluetooth. The researchers recommend that manufacturers of these devices take steps to close this security loophole, such as adding noise to the sensor data to make it harder for hackers to obtain sensitive information. Users are also advised to encrypt their data exchange with their phones to prevent unauthorized access.
This study highlights the potential risks associated with wearable technology and the need for manufacturers to prioritize security measures. As more people rely on these devices for various purposes, it is important to ensure that they are not vulnerable to hacking and that users’ sensitive information is protected.
