During the first quarter of 2015, according to recent report presented by the International Data Corporation, sales of smart-watches were increased by 200%. It means that more than 11 million of smart-watches were sold in this period. These gadgets attract buyers and also attract attention of cyber criminals. A team of IT experts from the University Of Illinois (USA) has recently detected a new security risk created by these useful devices. They made an experiment and have shown that smart-watches can be used to track information that users type on their computers. By knowing which letters are typed by the owner of smartwatch, can help cyber criminals to steal logins and passwords, without connecting directly to victim’s pc and they don’t really need to change any configurations of smartwatch or perform any modification, because American researchers were able to perform everything with the help of only one application developed by them. Utility developed by them was able to collect all information received from various sensors, which were connected to the smartwatch.
With the help of information gathered from an accelerometer and a gyroscope, an application was able to register the motion of the hands and fingers on the keyboard. Moreover, experts used specific information to build a 3D map. After that they introduced that information into a special program that analyzed the rhythm of inputs. Using two different algorithms, researchers were able to find the exact key that allowed them to predict the different letters. One of them was able to discover the exact moment when the user begins to enter information on the keyboard, and create temperature map that was showing keys (letters on keyboard). Another algorithm was getting summary information and could analyze pauses between inputs, allowing them to calculate the number of letters that were pressed by right hand (because the smartwatch was on the left hand).
So, using this new mathematical utility as a dictionary, the researchers were able to find the letters typed by user who wore a smartwatch. This utility is effective, but it still must be further developed and improved, as it can not yet detect punctuation marks and other specific characters on the keyboard.
You can find more details about this experiment in the project called “Motion Leaks Through Smartwatch Sensors”. The project is currently funded by National Science Foundation. While smartwatches allow to monitor the important information such as heart rate, they can also compromise user’s security and violate privacy.
In this experiment, the researchers from University Of Illinois (USA) have developed a simple application, but it means that cyber criminals can make similar program and spread it through iTunes and Google Play stores. That’s why we recommend you to pay special attention and check the source and developer of any application before you download it into your smart watch device.