PINs easily pinched with iPhone-attached thermal imaging kit

A device which can be attached to smartphones is capable of stealing customers' PINs using thermal imaging, UK security consultancy Sec-Tec warns. Thermal imaging equipment – once the sole preserve of only the best-equipped attacker – is now available as a readily available iPhone accessory costing less than £200. The kit …

  1. Simon Harris
    Flame

    They won't steal my PIN

    Not if I torch the ATM keypad when I've finished with it.

    Try recovering my heat signature from that, matey!

    1. qwertyuiop
      FAIL

      Re: They won't steal my PIN

      I'm with you on this one.

      It seems to rely on the fact that it can recover the information for up to a minute after I've touched the keypad. Fair enough, but I don't touch the numeric keys just to enter my pin. I also touch them to enter the amount I want to withdraw, so in addition to the PIN there will also be the keys corresponding to the withdrawal amount.

      Even if somebody photographed the keys over my shoulder (which I might notice!) immediately after I'd entered my PIN then they only have the four digits - they've still got to get them in the right order within three tries!

      FAIL on all counts.

      1. Simon Harris

        Re: They won't steal my PIN

        Although almost all ATMs will have an on-screen menu of common withdrawal amounts, so often the only buttons you need after the PIN are down the sides of the screen, and you won't touch the keypad again.

        1. PacketPusher

          Re: They won't steal my PIN

          Not only that, but when using a chip & pin (or standard debit card in US) card at the store the amount is already known. The key pad is used just for the PIN.

        2. Jan 0 Silver badge

          Re: They won't steal my PIN

          Ah, you're someone who doesn't like fivers? Those of us who do key in a number ending in 5 to, typically, get 3 fivers among the notes. (This doesn't work with all machines, but it certainly works with Tesco, Post Office and many other high street "holes in the wall".) So there are quite a lot of us who routinely key in 6 or 7 numbers.

  2. Steve Davies 3 Silver badge
    Joke

    it is all apple's fault

    They want to make sure that applePay is the only game in town

    See Icon

  3. msknight
    Joke

    Cue the inevitable...

    "Oh golly, I'm hot today!"

    "Comin' though. Hot stuff!"

    "Is that a thermal imaging iPhone peripheral in your pocket, or are you glad to see me? ... Oh! My iPhone says you're glad to see me!"

  4. Anonymous Coward
    Paris Hilton

    Paris as she's so hot the sensor will explode

  5. sorry, what?
    Facepalm

    Not exactly new threat, just new add-on advertising strategy...

    This threat was revealed as early as 2011, if not before (an example: http://www.dailymail.co.uk/news/article-2027699/Thieves-use-thermal-cameras-steal-ATM-pin-numbers.html), and isn't restricted to ATMs but also chip-n-pin machines.

    Since reading about it I've always ensured that I touch all the buttons before and after entering my PIN. OK, yeah, paranoid. OK, yeah, not really enough money at risk either. I'm probably just OCD.

    This article seems like just a free way to advertise the availability of a new iThing strap-on.

  6. Henry 8

    So the article says that this technique doesn't work on keypads with metal keys. Well fair enough, but I've used a far lower-tech solution to bypass keypads (er, obviously, only to get in to areas where I *should* have had access but didn't have the code to hand...). Just look for the keys that have the slightly greasy residue from people's fingers - far easier, cheaper and lower-tech than thermal imaging cameras!

  7. Hans Neeson-Bumpsadese Silver badge

    Number of numbers

    Slightly OT, but this got me thinking about the PIN that I can set to secure my smartphone. There are a few different security mechanisms (pattern, fingerprint, etc.) as well, but I'm just thinking about the PIN option here.

    The phone allows me to select a PIN of my choice, of 4 (no more, no fewer*) digits. A couple of decades ago I had a Nokia brick-ette which allowed me to set a PIN of more than 4 digits (for whatever reason, I settled on a 5-digit PIN), which by my reckoning is 10 times more secure than what my modern smartphone supports. Even if you know the digits involved, it's a case of 24 versus 120 different combinations.

    * I know that wording jars, but it's grammatically correct

  8. Velv
    Boffin

    So the simple solution is to touch more keys than you need, actually pressing only those that need pressed, but heating all of them. Increases the combinations any attacker would need to test.

    1. Brewster's Angle Grinder Silver badge

      I've been doing this for a while - adding an extra couple of digits on either end of my pin.

    2. FutureShock999

      I've been doing this for years just in case someone is shoulder surfing or video recording logins...making "fake" keypresses before, during, and after my main PIN. The fake ones don't depress the buttons, just rest on them...probably long enough to throw off a thermal scanner.


  9. John70

    Old News

    Just had to check the date of the news story because I remember reading something similar months ago... Quick Google search... Yep.. August 2014

    https://www.youtube.com/watch?v=8Vc-69M-UWk

    http://petapixel.com/2014/08/29/heres-iphone-thermal-cameras-can-used-steal-pin-codes/

  10. alain williams Silver badge

    More attacks ...

    If an ATM is not always in use, spray the keys lightly with a powder (talc would do) and when the mark has gone - see which ones have the powder rubbed off.

    All sorts of variations. Interesting.

  11. Slx

    Just do what I do: touch all the keys and only press the relevant ones.

    It confuses anyone attempting to see your pin and leaves heat traces all over the keypad.

    I just wish they would get rid of those ImpossiPush(tm) rubberised keypads that cause people to have to hammer the pad and make their pin really easy to see.

    They're common in supermarkets.

  12. Alan Edwards

    Thermal sensor resolution

    Anyone know which thermal imaging camera they used to do this?

    Probably not one of the $200 FLIR iPhone dongles, as the thermal sensor in that has a 64x64 resolution. You'd have to be practically touching the keypad to get an image showing which keys were warm, and I doubt it has the thermal resolution to show such subtle temperature differences.

    1. Argh

      Re: Thermal sensor resolution

      I'd expect it's something like the FLIR ONE for iPhone and Android?

      The thermal imaging resolution is 160x120, but it also uses a regular camera to add more detail combined with the thermal image.

  13. Anonymous Coward
    Anonymous Coward

    photo

    You're going to have to be a very bold criminal to use that device inside a bank. Surely a member of staff or public will see the electricity arcing out of the thing. You could tell them that you're wearing a very woolly cardigan and it's just a bit of static.

  14. John H Woods Silver badge

    Surely the solution is ...

    ... IR illumination of keypad? Maybe slightly warming the whole pad would do it?

    1. Mystic Megabyte

      Re: Surely the solution is ...

      >... IR illumination of keypad? Maybe slightly warming the whole pad would do it?

      But then squirrels would nest there :(

      1. Simon Harris

        Re: Surely the solution is ...

        "But then squirrels would nest there :("

        I'm quite happy with any solution that lures squirrels away from our garden - this year they ate all the sunflowers and all the plums.

        1. Adam 1

          Re: Surely the solution is ...

          Mmmm. An ATM machine that spits out bacon. What a brilliant idea!

    2. Simon Harris

      Re: Surely the solution is ...

      If, as suggested, the sensor is a FLIR camera, its sensitivity is in the range 8 μm to 14 μm.

      Flooding the keypad with IR illumination from an infra-red emitting diode wouldn't really help - they tend to have wavelengths around 880 - 950 nm. Even an incandescent lamp's IR only peaks around 1.2 μm, although it tails off fairly slowly to longer wavelengths - there's still some radiant energy at 3 μm.

      You might want to consider a nice little infra-red grill above the keypad - at least then, not only could you securely withdraw money from the machine (although asbestos gloves may be required), but you could also cook bacon while doing so.

  15. Anonymous Coward
    Anonymous Coward

    Gloves.

    Or use your car keys to press the buttons, avoid picking up flu germs too :)

    1. Anonymous Coward
      Anonymous Coward

      Re: Gloves.

      +1 for the easiest solution.

  16. jelabarre59

    More of a problem when limited to 4 digits. Once you're beyond that you can start duplicating numbers. Say, for instance, you have a 7-digit PIN. Make sure you've duplicated two of them. So you could have a number like 1233455 (no, I don't have that number on my luggage, or anyplace else for that matter). Even if someone sees you've used the numbers 12345, they (probably) won't be able to see you used "3" and "5" twice. More useful on "smart"phones and tablets where you have smudgy fingerprints.

    1. Anonymous Coward
      Anonymous Coward

      Would a 4 digit PIN with two repeating digits yield more possible combinations for the cracker to test in this situation than one with four numbers as there's more uncertainty (you wouldn't know which of the three was repeated)?

      It would suddenly get a lot easier with two repeated digits (like, as it happens, my wife's PIN) though.
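Several comments above reason about how many candidate PINs a thermal image leaves an attacker (the 24 vs 120 figures in comment 7, the "touch extra keys" defence in comment 8, and the repeated-digit question just above). The following added example, which is not from the article or any commenter, counts those candidates directly. It assumes the image reveals only which keys were warmed, not the order or the number of presses per key.

```python
from itertools import product
from math import comb

def candidates_using_every_warm_key(warm_keys: set[str], pin_len: int) -> int:
    """Brute-force count of PINs of length pin_len over the warmed keys that
    press every warmed key at least once. This is the attacker's search space
    when the thermal image shows exactly the keys the PIN used (no decoys)."""
    keys = sorted(warm_keys)
    return sum(1 for p in product(keys, repeat=pin_len) if set(p) == warm_keys)

def surjections(n: int, k: int) -> int:
    """Closed form for the same count: strings of length n over k symbols that
    use every symbol, via inclusion-exclusion (equals k! * S(n, k))."""
    return sum((-1) ** j * comb(k, j) * (k - j) ** n for j in range(k + 1))

def candidates_with_decoys(warm_keys: set[str], pin_len: int) -> int:
    """If the user also warmed decoy keys, the attacker only knows the PIN's
    digits lie somewhere in the warmed set, so every string over it remains."""
    return len(warm_keys) ** pin_len

def search_space(pin: str, decoys: str = "") -> int:
    """Candidates left after observing the keys warmed by entering `pin`
    and touching (without pressing) the `decoys`. Constructed sample input."""
    warm = set(pin) | set(decoys)
    if decoys:
        return candidates_with_decoys(warm, len(pin))
    return candidates_using_every_warm_key(warm, len(pin))

if __name__ == "__main__":
    # Constructed sample PINs (not anyone's real PIN).
    print("4 distinct digits, 4-digit PIN:", search_space("1234"))       # 24
    print("5 distinct digits, 5-digit PIN:", search_space("12345"))      # 120
    print("one repeated digit, 4-digit PIN:", search_space("1223"))      # 36
    print("two repeated digits, 4-digit PIN:", search_space("1122"))     # 14
    print("7-digit PIN over 5 warm keys:", search_space("1233455"))      # 16800
    print("4-digit PIN plus 3 decoy keys:", search_space("1234", "567")) # 2401
```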

  17. Anonymous Coward
    Anonymous Coward

    Lame, this works only for a minute. The traditional methods work for hours

    Clean the keypad. Wait for next person to enter the pin. Whip out your Sherlock Holmes equipment consisting of fingerprint powder and fingerprint brush. You are not only going to learn which keys were pressed, you can retrieve his fingerprints too. Additionally you can also retrieve his DNA.

    Endless hours of fun follow. Create a fingerprint replica to lock/unlock your own iPhone. Have the DNA analysed for medical conditions etc.

  18. Jeff Lewis

    You know - I have a Seek thermal camera for my Android phone and I actually tried this a while ago and it was a flop. The heat differences for normal keypad use just weren't big enough to register. In the video the user presses hard for a prolonged time to get the pad key to heat up. I don't think that's normal use.

  19. robidy

    Just touch a few extra buttons

    Seriously just touch a few extra buttons when you're using your hand to shield a camera from videoing what you're typing.

    The buttons on key pads are so filthy and sticky it's unlikely you'll type anything, just warm the buttons a bit.

  20. JaitcH
    Happy

    There's an ...

    Android App that can do this. Free!

  21. raving angry loony

    Gaming to real life

    So Splinter Cell from a few years ago was right, and you can hack a pin-pad like that? Nice!
