Fingerprint hunters are ready for a thermal attack.
A group of computer security experts has developed recommendations on how to protect against so-called "heat attacks".
Heat attacks use thermal imagers to read fingerprints on surfaces like smartphones, keyboards, and payment terminals.
Last year, Dr Mohamed Khamis and his colleagues at the University of Glasgow demonstrated how easy it is to hack services and platforms in this way. The team developed the ThermoSecure system, which used artificial intelligence to analyze and guess credentials in a few seconds.
Based on the already well-known literature and other scientific works, we have identified 15 different approaches that will help reduce risks.
Recommendations include, for example, wearing gloves or rubber finger pads and cooling your hands before entering a password. It is also advised to press the entire hand to the screen or panel with buttons after entering, and it will not be superfluous to breathe on the surface.
Then the experts conducted an online survey with the participation of 306 people. It was important to find out what security measures are preferred by people who regularly use personal gadgets, terminals and ATMs.
Mohamed commented on the results: "This is the first public review of security measures against heat attacks. Our survey showed interesting results. Intuitively, users suggested some strategies that were not found in the literature, for example, wait with the use of an ATM until the environment seems as safe as possible. They also responded positively to familiar strategies, such as two-factor authentication, because they understood their effectiveness."
Other expert suggestions are focused on hardware and software. The heating element in the devices could erase traces, and the surfaces themselves could be made of materials that dissipate heat faster.
You can increase security by introducing an algorithm that blocks keys until the surface cools down. In addition, input using eye tracking or other biometric data would reduce the risk of attacks.
Summing up the results, scientists advise to find a strategy that corresponds to the individual habits of each, and try to apply it as often as possible.
A group of computer security experts has developed recommendations on how to protect against so-called "heat attacks".
Heat attacks use thermal imagers to read fingerprints on surfaces like smartphones, keyboards, and payment terminals.
Last year, Dr Mohamed Khamis and his colleagues at the University of Glasgow demonstrated how easy it is to hack services and platforms in this way. The team developed the ThermoSecure system, which used artificial intelligence to analyze and guess credentials in a few seconds.
Based on the already well-known literature and other scientific works, we have identified 15 different approaches that will help reduce risks.
Recommendations include, for example, wearing gloves or rubber finger pads and cooling your hands before entering a password. It is also advised to press the entire hand to the screen or panel with buttons after entering, and it will not be superfluous to breathe on the surface.
Then the experts conducted an online survey with the participation of 306 people. It was important to find out what security measures are preferred by people who regularly use personal gadgets, terminals and ATMs.
Mohamed commented on the results: "This is the first public review of security measures against heat attacks. Our survey showed interesting results. Intuitively, users suggested some strategies that were not found in the literature, for example, wait with the use of an ATM until the environment seems as safe as possible. They also responded positively to familiar strategies, such as two-factor authentication, because they understood their effectiveness."
Other expert suggestions are focused on hardware and software. The heating element in the devices could erase traces, and the surfaces themselves could be made of materials that dissipate heat faster.
You can increase security by introducing an algorithm that blocks keys until the surface cools down. In addition, input using eye tracking or other biometric data would reduce the risk of attacks.
Summing up the results, scientists advise to find a strategy that corresponds to the individual habits of each, and try to apply it as often as possible.
