By Darren Smith, Weekend Contributor
Another method comes forth that should serve as a reminder that extra measures should be taken to guard one’s electronic security. In an interview with IT News, an Australian news medium, Sec-Tec reported that relatively inexpensive devices attachable to iPhones and other handhelds can use thermal imaging to photograph latent heat signatures left on keypads after users enter their PIN on access devices. Coupling this with technology to receive RFID (Radio Frequency ID) signals that provide account information, hackers and thieves can then be able to gain access to funds and users’ accounts.
Sec-Tec tested their theory on numerous devices, including: ATMs; Safes; and locks. Those devices having straight forward access, that is those in which the keypad was the sole source of access, were the most vulnerable.
In the case of a PIN containing four digits once the four keys are revealed with latent heat marks from the user’s touch, the next step involves determining the order for which each key is pressed in relation to the actual PIN. This step can be mitigated securely by imposing lock-outs or delays after two or three attempts having an incorrect combination. Yet the security of various systems might not have this feature, allowing a greater certainty of successful cracking. Sec-Tec arrived at a method to better determine key press order yet it declined to provide specifics, as well as your author’s deductions.
For access to devices having RFID the same method with the stand-alone keypad would also incorporate an RFID receiver to store the account access number and then marry this to the PIN data obtained through thermal imagery.
Sec-Tec provided an easy method to help thwart thermal eavesdropping that could be incorporated into individuals’ overall PIN protection. It recommended placing one’s palm over the entire keypad for a few seconds to hide individual keystrokes with a hotter image that covers each key. For manufacturers the company recommended the use of metallic keys that are less vulnerable to latent heat residue.
Below is a video depicting latent heat on keypads.
By Darren Smith
Source:
IT News Australia
Videoography credit: Sec-Tec Ltd, via YouTube
The views expressed in this posting are the author’s alone and not those of the blog, the host, or other weekend bloggers. As an open forum, weekend bloggers post independently without pre-approval or review. Content and any displays or art are solely their decision and responsibility.