Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Steal ATM PINs With a Thermal Camera

Posted by CmdrTaco on from the i-see-what-you-did-there dept.

An anonymous reader writes "Researchers from UCSD have demonstrated how thermal imagery cameras can be used to steal customers' PINs (PDF) when you withdraw cash from ATMs. Their paper, entitled 'Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks', (PDF) discovered that plastic PIN pads were the best for retaining heat signatures showing which numbers (and in which order) were used by bank customers. Fortunately the methodology does not appear to have been used by criminals yet, but a third of people surveyed admit that they do not check ATMs for tampering before withdrawing cash."

9 of 157 comments (clear)

  1. Touch typing defense by rwa2 · · Score: 4, Funny

    Hmm, I knew there was a reason that I rested all of my fingers uniformly across the keypad, gently caressing their every ridge and facet as I discreetly pumped out my digits into their PIN pad. Well, another reason, at least.

    Also I try to think about a completely different song than the one that corresponds to the letters that correspond to the numbers of my PIN, just to thwart any brainwave phreaking attacks as well.

    But still hoping we score some decent security measures out of this, like maybe a bank-issued gold card or something.

    1. Re:Touch typing defense by Herkum01 · · Score: 4, Funny

      I rested all of my fingers uniformly across the keypad, gently caressing their every ridge and facet as I discreetly pumped out my digits

      Have you considered a career writing Harlequin novels?

    2. Re:Touch typing defense by nedlohs · · Score: 4, Funny

      Just set the keypad on fire.

  2. Re:Now get back in line. by The+Moof · · Score: 5, Insightful

    Not to mention that the average person likely has no idea what a card skimmer looks like when compared to the card reader on an ATM.

  3. Re:Oh Sure, Academia Accepts THAT Paper by Anonymous Coward · · Score: 4, Funny

    And don't ever use Gamma Rays, you don't want the Hulk chasing you after you've pilfered his bank account.

  4. Easy to Avoid by tucara · · Score: 5, Funny

    Just make sure you add a bunch of heat on all the number keys before you leave to mess up their analysis. I recommend urinating on the keypad to get a good even distribution.

  5. Thermal imaging? That stuff is fun and expensive.. by Lonewolf666 · · Score: 4, Funny

    Even as a usually law-abiding citizen, I might be tempted to steal that camera thingy if i find it. The fact that it was put there by criminals would greatly reduce my pangs of conscience ;-)

    --
    C - the footgun of programming languages
  6. Re:Now get back in line. by Joce640k · · Score: 4, Interesting

    but a third of people surveyed admit that they do not check ATMs for tampering before withdrawing cash.

    Two thirds of them do? I find that very hard to believe.

    --
    No sig today...
  7. Re:Now get back in line. by kevinNCSU · · Score: 4, Interesting

    After looking at the pictures of scanners in this ( Consumerist Security Briefing from Gawker) I don't think I could tell even if someone put 4 ATM machines in front of me and told me one of them had a skimmer, pick it out. These things fit so perfectly over the card reader it seems near impossible to tell without pulling out a knife and seeing if you can get anything to pop off, and I don't think that'd make most places happy.