If you think that the popular Android pattern lock systems are the best option to safeguard your device, you are mistaken as security researchers have found that it takes just five attempts to break into Android devices.
Android pattern lock is a security measure that protects mobile phones or tablets. However, users only have five attempts to get the pattern right before the device becomes locked. It is used by around 40 percent of Android device owners.
How Android Pattern Locks Were Broken
According to researchers from Lancaster University in Britain, Northwest University in China and University of Bath, Germany, attackers can crack Android pattern lock reliably within five attempts by using video and computer vision algorithm software.
By covertly videoing the owner drawing their Android pattern lock shape to unlock their device, the attacker, who is pretending to play with their phone, can then use software to quickly track the owner’s fingertip movements relative to the position of the device.
“Within seconds, the algorithm produces a small number of candidate patterns to access the Android phone or tablet,” the researchers said in a university statement.
Unlocked Android Pattern Lock Software a Security and Privacy Risk
“People tend to use complex patterns for important financial transactions such as online banking and shopping because they believe it is a secure system. However, our findings suggest that using Pattern Lock to protect sensitive information could actually be very risky,” said Zheng Wang, principle investigator and co-author of the paper.
Researchers evaluated the attack using 120 unique Android lock patterns collected from independent users. They were able to crack more than 95 percent of patterns within five attempts.
Experts believe that complex Android pattern locks were easier to crack because they help the fingertip algorithm to narrow down the possible options.
“Contrary to many people’s perception that more complex patterns give better protection, this attack actually makes more complex patterns easier to crack and so they may be more secure using shorter, simpler patterns,” added lead author Guixin Ye from Northwest University.
Researchers could crack all but one of the Android pattern locks categorised as complex within the first attempt but they successfully cracked 87.5 percent of median complex patterns and 60 percent of simple patterns with the first attempt.