By Darren Smith, Weekend Contributor
Another method comes forth that should serve as a reminder that extra measures should be taken to guard one’s electronic security. In an interview with IT News, an Australian news medium, Sec-Tec reported that relatively inexpensive devices attachable to iPhones and other handhelds can use thermal imaging to photograph latent heat signatures left on keypads after users enter their PIN on access devices. Coupling this with technology to receive RFID (Radio Frequency ID) signals that provide account information, hackers and thieves can then be able to gain access to funds and users’ accounts.
Sec-Tec tested their theory on numerous devices, including: ATMs; Safes; and locks. Those devices having straight forward access, that is those in which the keypad was the sole source of access, were the most vulnerable.
In the case of a PIN containing four digits once the four keys are revealed with latent heat marks from the user’s touch, the next step involves determining the order for which each key is pressed in relation to the actual PIN. This step can be mitigated securely by imposing lock-outs or delays after two or three attempts having an incorrect combination. Yet the security of various systems might not have this feature, allowing a greater certainty of successful cracking. Sec-Tec arrived at a method to better determine key press order yet it declined to provide specifics, as well as your author’s deductions.
For access to devices having RFID the same method with the stand-alone keypad would also incorporate an RFID receiver to store the account access number and then marry this to the PIN data obtained through thermal imagery.
Sec-Tec provided an easy method to help thwart thermal eavesdropping that could be incorporated into individuals’ overall PIN protection. It recommended placing one’s palm over the entire keypad for a few seconds to hide individual keystrokes with a hotter image that covers each key. For manufacturers the company recommended the use of metallic keys that are less vulnerable to latent heat residue.
Below is a video depicting latent heat on keypads.
By Darren Smith
Source:
IT News Australia
Videoography credit: Sec-Tec Ltd, via YouTube
The views expressed in this posting are the author’s alone and not those of the blog, the host, or other weekend bloggers. As an open forum, weekend bloggers post independently without pre-approval or review. Content and any displays or art are solely their decision and responsibility.
Wouldn’t using a pencil eraser to press the keys prevent thermal imaging
Hold thumb on 2,5,8,0…
I wipe with a Scott Towel (paper towel) and not toilet paper. In the end, one is cleaner. No pun intended.
A train filled w/ Frenchmen and it took Americans and a Brit to step up and stop a terrorist. Sound familiar???
Thomas Barton JD,
One method you might try would be to log into WordPress by going to wordpress.com. One logged in look at the upper left corner of your screen. There you should see a box that reads “Following” with a gear like image to the right of this. Click on the Gear and it will then take you to the page with Blogs You Follow. There you will see a list that your are following. There is a grey circle with an X within that will allow you after clicking it to remove this blog from it. I don’t know if this affects email notifications but I would expect it to.
That’s about the extent of what I can recommend. Hope this helps
NOW THAT INFRARED IS SO ADVANCED MAYBE WORDPRESS AND MR TURLEY CAN WORK ON PERFECTING THEIR UNSUBSCRIBE TECHNOLOGY. I HAVE TRIED 6 DIFFERENT TIMES IN THE PAST 3 WEEKS. IT IS AS STUBBORN AS CRABGRASS IN THE MISSOURI SUMMER SUN .
Reblogged this on Scoop Feed.
OCD hand cleaners who use wipes before touching anything now just need to wipe the keypads before and after using. The rest of us can just wipe afterward. Or, after using the keypad, simply touch all the keys.