Smartwatches Can Be Used To Spy On Your Card's PIN Code

An anonymous reader writes: A researcher has developed a smartwatch app that can interpret hand motions and translate the movements to specific keystrokes on 12-key keypads, like the ones used at ATMs. The app sends the data to a nearby smartphone, which then relays it to a server, for analysis. The whole AI algorithm on which it's built has a 73% accuracy for touchlogging events, and 59% for keylogging. The entire code is on GitHub, along with his research paper, and a YouTube video.

Hunt'n'Peck

[DrYak]

Also, for this to work, the PIN needs to by typed by "Hunt'n'Peck" method (one finger, hand moving around the keypad) so that there's actual wrist motions to be detected and spied on by the smartwatch.

Currently, smart-watches are worn by nerdy geeks (and are considered un fashionnable by the general population, though some marketing-centered companies like Apple are bound to eventually change the general perception of these gadgets), and geeks tend to touch type (thus more finger motion, using more than 1 finger and less wrist motion) by habit of using computers.

In other worlds, handedness aside, the poeple who tend to do the most spy-able like motion are the less likely to wear the spy device.

That's why the real-world crooks (card skimmer) have been relying on camera for the spying (when not plain tampering with the keypad).