Thermal Cameras' Downside

A new paper from three UC San Diego researchers shows how someone with a thermal camera can easily determine a bank customer's ATM PIN code by using the camera soon after that code is typed in. "Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks," written by Keaton Mowery, Sarah Meiklejohn, and Stefan Savage, explains that this method is, unfortunately for ATM users, superior to simply observing the transaction and hoping to memorize the code as the keypad is used or by filming it and watching the video later.

"This attack has the advantage over using a conventional camera that the codes do not need to be captured while they are being typed and can instead be recovered for a short period afterwards," their abstract states. "To get the broadest sense of how effective such an attack might be, we consider a number of variables: the material of the keypad, the user entering the code, the distance from the camera to the keypad, and the possible methods used to analyze the data....

"As we will see, both human and automated attacks are by and large successful in recovering the keys present in the code, even a full minute after they have been pressed; both methods are also able to determine the exact code (i.e., including the order in which the keys were pressed) for a smaller fraction of codes. Even without ordering, however, the search space of possible keys is still vastly reduced by knowing the keys pressed; for example, the search space is reduced from 10,000 possible codes to approximately 24 for a 4-digit code."

Metal ATM keypads are the best defense because they retain heat from a customer's fingers only briefly, the authors reported.

Posted by Jerry Laws on Aug 18, 2011