Over 40% of Android users utilize pattern locks to safeguard their smartphones, devising elaborate shapes to prevent people from getting access to their phone. However, new research claims that the system is not as secure as individuals think it is.
Security experts at Lancaster University, Northwest University, and the University of Bath have managed to come up with a method to crack pattern locks within just 5 attempts. Not only that, they also assert that complicated outlines are the easiest to guess.
The researchers used a video and computer vision algorithm to deduce patterns. They put forth a scenario where an attacker covertly films a victim drawing on their device in a public setting such as a café. The software can then be used to track the person’s fingertip movements relative to the position of their handset.
The algorithm apparently takes just seconds to come up with a small list of potential patterns. Worryingly, the hack works regardless of the size of the display or if the footage isn’t able to capture any on-screen content. Results are supposedly accurate even if it’s filmed at up to 2.5m away on a phone or 9m on a DSLR.
The team behind the study was able to crack more than 95% of patterns within 5 attempts. Furthermore, they said that their system managed to guess 87.5% of median complex patterns and 60% of simple ones. The disparity occurs because complex lines are supposedly easier to conjecture since it helps the algorithm to narrow down options.
Countermeasures to stop such attacks from taking place include fully covering fingers while drawing, mixing pattern locking with other tools like entering a sentence via Swype-like systems, and having the screen’s color and brightness alter dynamically to confuse the hacker’s camera.