If you use a pattern lock to keep your Android phone secure, you might want to consider switching to a PIN, or better yet a fingerprint scanner, as researchers have found that it’s fairly easy to crack.
Pattern lock is currently used by around 40% of Android device owners, who prefer it to PIN codes or text passwords. But according to research from Lancaster University, Northwest University in China, and the University of Bath, attackers can reliably get into your phone in just five attempts. In fact, they found that the more complex the pattern you use, the easier it is to crack.
Of course, this isn’t pure guesswork on the part of attackers – it involves the use of video recording and computer vision algorithm software.
Keep it simple
According to the researchers, if an attacker was sitting across from you in a public place and spotted you using your phone, all they’d have to do is subtly record you unlocking your phone while pretending to use their own phone.
They’d then be able to use software on their phone that tracks finger movements relative to the position of your phone and produce a small number of possible patterns.
This might sound like an unlikely scenario but interestingly the researchers found that the recording didn’t have to have a view of your screen or even knowledge of screen size to work.
In fact, this method was found to be effective up to two and a half meters away, so this isn’t a case of noticing a suspicious individual hovering over your shoulder – it’d be fairly easy to achieve in a busy public place. Particularly if attackers targeted those that behave like they're performing a magic trick when they unlock their phones.
According to researchers this kind of attack could easily be used by thieves who pre-plan their theft to get a phone’s code before taking it.
Out of the 120 unique patterns collected, the researchers were able to use this method to crack 95% of them in less than five attempts.
Complex patterns, which the researchers classed as those which use more lines between dots, were said to be easier to crack as they greatly helped the finger tracking algorithm narrow down the possible patterns.
Dr Zheng Wang, principle investigator and co-author of the paper, and Lecturer at Lancaster University, said: “Pattern Lock is a very popular protection method for Android Devices. As well as for locking their devices, people tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system. However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky.”
So how could you avoid falling victim to this kind of attack if you just can’t let that pattern lock go? Well, according to the researchers it’s as simple as making sure you completely cover your hand when you’re unlocking your phone.
Of course, remembering to do this every time is easier said than done.