Saturday, August 30, 2014

Stealing ATM Pin codes with thermal cameras


Thermal cameras are very expensive devices, but some projects have been driving the prices down, making it more accessible than ever to have this technology in your hands. And besides all the useful things you can do with it (check for thermal leaks at home, finding problems, etc.) there's also the chance it will be used for bad things: like stealing ATM pin codes.

Some people try to hide the keyboard as they enter their PIN codes in ATMs and payment terminals; but if the person next in line happens to have a thermal camera... that won't mean much. Using a inconspicuous thermal camera add-on on their smartphones, they can easily see not only which keys you pressed but even the order in which you pressed them (with hotter keys being the latest).

Curiously enough, this attack works best in plastics/rubber keys than ATM's metal keys, as they dissipate  the heat faster and metal is seen as "reflective" by these cameras.

If you're suspicious the person behind you may have such a device, you can place your fingers - or the palm of your hand - over they keyboard, in order to make all the keys heat up, masking your pin code (or use a pen or stylus to type the code without touching it with your fingers). Anyway, for now you should worry more about skimmers or simply having someone looking over your shoulder, than worry about this kind of thermal attack - but be on the lookout. :)

No comments:

Post a Comment