If you think that the popular pattern lock system in Android smartphones is the best option to safeguard your device, you are mistaken as security researchers have found that it takes just five attempts to break into Android devices.
Pattern lock is a security measure that protects mobile phones or tablets. However, users only have five attempts to get the pattern right before the device becomes locked. It is used by around 40 per cent of Android device owners.
According to researchers from Lancaster University in Britain, Northwest University in China and University of Bath, Germany, attackers can crack pattern lock reliably within five attempts by using video and computer vision algorithm software.
By covertly videoing the owner drawing their pattern lock shape to unlock their device, the attacker, who is pretending to play with their phone, can then use software to quickly track the owner’s fingertip movements relative to the position of the device.
“Within seconds, the algorithm produces a small number of candidate patterns to access the Android phone or tablet,” the researchers said in a university statement.
“People tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system. However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky,” said Zheng Wang, principle investigator and co-author of the paper.
Researchers evaluated the attack using 120 unique patterns collected from independent users. They were able to crack more than 95 per cent of patterns within five attempts. Experts believe that complex shapes were easier to crack because they help the fingertip algorithm to narrow down the possible options.
“Contrary to many people’s perception that more complex patterns give better protection, this attack actually makes more complex patterns easier to crack and so they may be more secure using shorter, simpler patterns,” added lead author Guixin Ye from Northwest University.
Researchers could crack all but one of the patterns categorised as complex within the first attempt but they successfully cracked 87.5 per cent of median complex patterns and 60 per cent of simple patterns with the first attempt.