“That’s a serious threat.”
- Research by Associate Professor Romit Roy Choudhury and graduate students Sanorita Dey and Nirupam Roy have demonstrated that the accelerometers used in mobile devices posses unique, trackable fingerprints.
- This suggests that even when a smartphone application doesn’t ask for geospatial information (“…would like to use your current location”), there are other surreptitious means of extracting that information.
- These fingerprints stem from subtle idiosyncrasies in device manufacturing and are reflected in the unprotected data shared with numerous applications.
Fingerprints — those swirling residues left on keyboards and doorknobs — are mostly invisible. They can affirm your onetime presence, but they cannot be used to track your day-to-day activities.
They cannot tell someone in real time that after exercising at the gym, you went to office in a bus and played video games during lunch. But what if our hand-held electronics are leaving real-time fingerprints instead? Fingerprints that are so intrinsic to the device that, like our own, they cannot be removed?
Research by Associate Professor Romit Roy Choudhury and graduate students Sanorita Dey and Nirupam Roy has demonstrated that these fingerprints exist within smartphone sensors, mainly because of imperfections during the hardware manufacturing process.
In some ways, it’s like cutting out sugar cookies. Even using the same dinosaur-shaped cutter, each cookie will come out slightly different: a blemish here, a pock there. For smartphone sensors, these imperfections simply occur at the micro- or nanoscale.
Their findings were published at the Network and Distributed System Security Symposium (NDSS), a major conference on wireless and web security, held last February in San Diego. The research also won the best poster award at the HotMobile international workshop in 2013.
Other collaborators on this project are Professors Srihari Nelakuditi and Wenyuan Xu at the University of South Carolina (USC). Roy and Dey completed their master’s degrees at USC, where they jointly won the Outstanding Thesis Award.
In the study, the researchers focused specifically on the accelerometer, a sensor that tracks three-dimensional movements of the phone — essential for countless applications, including pedometers, sleep monitoring, mobile gaming — but their findings suggest that other sensors could leave equally unique fingerprints.
“When you manufacture the hardware, the factory cannot produce the identical thing in millions,” Roy said. “So these imperfections create fingerprints.”
Of course, these fingerprints are only visible when accelerometer data signals are analyzed in detail. Most applications do not require this level of analysis, yet the data shared with all applications — your favorite game, your pedometer — bear the mark. Should someone want to perform this analysis, they could do so.
The researchers tested more than 100 devices over the course of nine months: 80 standalone accelerometer chips used in popular smartphones, 25 Android phones, and 2 tablets.
The accelerometers in all permutations were selected from different manufacturers, to ensure that the fingerprints weren’t simply defects resulting from a particular production line.
With 96 percent accuracy, the researchers could discriminate one sensor from another.
“We do not need to know any other information about the phone — no phone number or SIM card number,” Dey said. “Just by looking at the data, we can tell you which device it’s coming from. It’s almost like another identifier.”
In the real world, this suggests that even when a smartphone application doesn’t have access to location information (by asking “this application would like to use your current location”), there are other means of identifying the user’s activities. It could be obtained with an innocuous-seeming game or chatting service, simply by recording and sending accelerometer data. There are no regulations mandating consent.
To collect the data, the researchers — as with any would-be attacker — needed to sample the accelerometer data. Each accelerometer was vibrated using a single vibrator motor — like those that buzz when a text message is received — for two-second intervals. During those periods, the accelerometer detected the movement and the readings were transmitted to a supervised-learning tool, which decoded the fingerprint.
“Even if you erase the app in the phone, or even erase and reinstall all software,” Roy said, “the fingerprint still stays inherent. That’s a serious threat.”
The Latest on: Smartphone sensors
via Google News
The Latest on: Smartphone sensors
- Sensor Market Size is Projected to Reach USD 287 Billion by 2025, Growing at a CAGR of 9.5% | Valuates Reportson March 24, 2020 at 3:00 pm
A sensor is a device used to detect events or alterations in its environment and transmit the information to other electronics, often ...
- Highly Sensitive Wearable Strain Sensor Uses Light for Detectionon March 24, 2020 at 12:00 pm
Stick-on strain sensors that can accurately measure the flexion of joints, big and small, have turned out hard to make. Piezoresistive devices tend to have a delayed response and are not stable in the ...
- Review: Sleep better, save cash with the Nest Temperature Sensoron March 24, 2020 at 2:16 am
Want more precise control of the rooms your Nest Thermostat is heating or cooling? This $40 puck can save you some money.
- Elliptic Labs Launches a New Design Win for Xiaomi Redmi K30 Pro Smartphoneon March 24, 2020 at 12:00 am
OSLO, Norway--(BUSINESS WIRE)--In the race to roll out modern, feature-rich smartphones, China's giant Xiaomi has once again utilized Virtual Smart Sensors from Elliptic Labs to help Xiaomi deliver ...
- Smartphone Sensors Market Size, Status and Key Players: Ams, Broadcom, Dyna Image, Epson Europe Electronics, Murata, Everlighton March 23, 2020 at 1:46 am
The Smartphone Sensors Market is growing at a faster pace with substantial growth rates over the last few years and is estimated that the market will grow significantly in the forecasted period i.e.
- HMD Debuts First Nokia 5G Smartphone: The Nokia 8.3 5G with 4-Module Cameraon March 20, 2020 at 3:15 pm
while not driving quite as hard on features and prices as contemporary flagship smartphones. None the less, the large display phone packs a quad-sensor camera module, and in an interesting turn of ...
- Rumor: Samsung Working on ‘Almost 1-inch’ 150MP Sensor for Smartphoneson March 18, 2020 at 2:17 pm
An intriguing, and surprisingly plausible, rumor is flying around the smartphone world this week claiming that Samsung will be releasing an “almost 1-inch” sized 150MP ISOCELL CMOS sensor, and that ...
- Samsung Working On A 150MP Image Sensor For Q4 2020 Launchon March 18, 2020 at 12:29 pm
The race for more pixels is back and Samsung is once again on the forefront. Following the launch of the first 108-megapixel image sensor for smartphones, the South Korean company is now working to ...
- Samsung apparently has a whopping 150MP smartphone camera sensor in the works and Xiaomi has eyes on iton March 18, 2020 at 12:11 am
Buzz has it that Samsung is silently working on a new high-resolution 150MP camera sensor for flagship smartphones. Samsung's 150MP camera sensor is said to be roughly based on the same Nonacell ...
- Samsung Might Be Working On 1-inch 150MP Smartphone Camera Sensoron March 17, 2020 at 10:26 pm
Samsung is currently the only smartphone camera maker that provides a massive 108MP camera. And the company might be working on yet another high-resolution smartphone camera sensor to beat its own ...
via Bing News