If you think your smartphone is secure, it may be time to think again as research reveals just how easy it is to bypass the security system and gain access.
The Pattern Lock system, utilised by millions of Android users worldwide, can be cracked using a few guesses with the use of advanced new software.
The revelations come from a Chinese-British team of researchers who undertook a large study into Pattern Lock security.
With as many as 40 per cent of Android devices using Pattern Lock the threat is real, with research findings showing how easy it is hack the system using a powerful algorithm, which utilises video footage of victims using their device. The filming is done whilst the victim is using their device publicly – later input into the algorithm, which then begins the process of cracking the code.
Cyber attackers do not even need to be in very close proximity to users – with teams capable of filming information from up to two and a half metres on a standard smartphone camera, and nine metres away from a digital SLR camera.
Attacks do not even really require the video footage, but rather the motion of a person’s finger, after which codes can be cracked quickly, within a few attempts.
The researchers tested the attack on 120 different patterns over 215 users. It was revealed that 95 per cent of patterns were ‘crack-able’ by the fifth go.
For some reason, longer codes proved easier to break – taking only one attempt in 97.5 of cases.
“Pattern Lock is a very popular protection method for Android Devices. As well as for locking their devices, people tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system,” said Lancaster University lecturer Dr Zheng Wang, principle investigator and co-author of the report.
“However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky.”
In order to stay safe from threat, the researchers suggest that users are subtle when using Pattern Lock, in the same way as when entering a PIN number at an ATM – keeping details hidden as much as possible.