Sweden and UK universities discover SonarSnoop: a new technique that transforms Android smartphones into mini sonar systems to track a user’s finger across the screen and steal phone unlock patterns
It’s dubbed SonarSnoop and is a new technique that transforms Android smartphones into mini sonar systems. The aim: to track a user’s finger across the screen and steal phone unlock patterns. It has been discovered by cyber security researchers of Sweden and UK universities. The idea behind this kind of cyber attack, as ZDNet reported, is to use sound waves to track a user’s finger position across a screen. It emits sound waves from the phone’s speakers at frequencies inaudible to the human ear –between 18kHz and 20kHz. Just like in the case of a submarine’s sonar, it uses microphones to pick up the sound waves bouncing back off nearby objects, which in this case is the user’s finger. Depending on the placement of speakers and microphones on a device’s case, machine learning algorithms can be built to read the collected data and determine possible unlock patterns.
The cyber security researchers: At the moment the technique reduces the number of possible unlock patterns by 70%, but it’s improving
The research on the SonarSnoop has been published last week by academics from Lancaster University in the UK and Linköping University in Sweden with detail tests of this technique on a Samsung Galaxy S4 smartphone running Android 5.0.1. The cyber security researchers say it was able to reduce the number of possible unlock patterns by 70% using data obtained with SonarSnoop. The technique is in its early stages of experimentation, and accuracy is expected to improve. The use of sound for user tracking is a novel concept in the realm of cyber-security research. In past years, academics have explored the idea of using smartphone sensors such as accelerometers, gyroscopes, and proximity sensors to record and steal PINs and unlock patterns from smartphones.