Skip to main content
  1. Home
  2. Mobile
  3. News

Scientists just proved your phone’s PIN can be cracked using its gyroscope data

By

Forgot PIN Android
Simon Hill / Digital Trends
It’s no secret that smartphone PIN codes are not perfect, but new research suggests they might be next to worthless. A team of scientists at Newcastle University in the U.K. was able to guess a user’s phone PIN code with nothing more than data from the device’s sensors.

In a paper published in International Journal of Information security, researchers demonstrated how a phone’s gyroscope — the sensor that tracks the rotation and orientation of your wrist — could be used to guess a four-digit PIN code with a high degree of accuracy. In one test, the team cracked a passcode with 70 percent accuracy. By the fifth attempt, the accuracy had gone up to 100 percent.

Recommended Videos

It takes a lot of data, to be sure. The Guardian notes users had to type 50 known PINs five times before the researchers’ algorithm learned how they held a phone when typing each particular number. But it highlights the danger of malicious apps that gain access to a device’s sensors without requesting permission.

“Most smartphones, tablets, and other wearables are now equipped with a multitude of sensors,” Dr. Maryam Mehrnezhad, a research fellow in the Newcastle University School of Computing Science and lead author on the paper, said. “But because mobile apps and websites don’t need to ask permission to access most of them, malicious programs can covertly ‘listen in’ on your sensor data.”

The risk extends beyond PIN codes. In total, the team identified 25 different smartphone sensors which could expose compromising user information. Worse still, only a small number — such as the camera and GPS — ask the user’s permission before granting access to that data.

It’s precise enough to track behavior. Using an “orientation” and “motion trace” data, the researchers were able to determine what part of a web page a user was clicking on and what they were typing.

“It’s a bit like doing a jigsaw — the more pieces you put together, the easier it is to see the picture,” Dr. Siamak Shahandashti, a senior research associate in the School of Computing Science and co-author on the study, said.

Mehrenzhad said the team reached out to leading browser providers to alert them of the issue and that Mozilla and Safari have implemented fixes. But she said that researchers are still working with the industry to find a better fix.

“We all clamor for the latest phone with the latest features and better user experience but because there is no uniform way of managing sensors across the industry, they pose a real threat to our personal security,” Mehrenzhad said. “It’s a battle between usability and security.”

Editors’ Recommendations

Topics
Kyle Wiggers
Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
2025 could finally be the year of a budget-friendly Samsung Galaxy Z Flip
A person closing the Samsung Galaxy Z Flip 6.

The idea of a more budget-friendly Samsung clamshell has gained steam as well-known leakers drop more and more hints that a new Galaxy Z Flip is on the way. Today, another leak from someone in the know adds even more credence to that rumor.

Ross Young made a post on X where he suggested that Samsung might release a Z Flip 7 FE in 2025 with the clamshell design fans have waited for. Young has a proven record for accurate leaks, and their work in the supply chain gives him a unique insight into what companies are working on.

Read more
Google just announced Android 16. Here’s everything new
The Android 16 logo on a smartphone, resting on a shelf.

No, that headline isn't a typo. A little over a month after Android 15 was released to the masses in October, Google has already announced Android 16 and begun rolling out its first developer beta of the newest Android version.

If this seems like a much earlier release than usual, that's because it is. We typically expect the first developer beta of the next Android update to arrive in February. For Android 16, however, Google has pushed the timeline up by a few months and launched Android 16 Developer Preview 1 in mid-November.
Why Android 16 is launching so much earlier

Read more
Here’s every Pixel phone that can download Android 16 Developer Preview 1
The Google Pixel 9 Pro XL next to the Google Pixel 8 Pro.

Even though Android 15 launched only recently, Google is already moving on to Android 16, which is much earlier than is typical. And if you have a Pixel device from the past couple of years, you can get the Android 16 Developer Preview 1 right now.

Typically, when Google releases a beta for Android, the Pixel lineup gets it first before any other phones. When Google announced Android 16 earlier today, we didn’t know exactly which Pixel models would be able to get the Developer Preview. But Google just revealed which models can run Android 16, and two of them are a bit surprising.

Read more