No matters how difficult the pattern lock you have designed for your Android phone, security experts have found that it can be cracked in as low as five attempts.
Google’s Android is the first mobile platform to bring the pattern lock system. Though it is an upgrade over the conventional means of locking hardware including an alpha-numeric password and a numeric passcode, research conducted by the experts at Lancaster University, Northwest University in China, and the University of Bath, has revealed that attackers can crack any pattern using video and computer vision algorithm software.
The research claims that the attackers do not require the video to capture any on-screen content to unlock the device, and a computer vision algorithm is enough to track the fingerprint movements to deduce the geometry information. This approach is an upgrade to some prior attacks that were using the video footage in its raw form.
Difficult pattern is easier to be cracked
From a group of 215 independent users, the experts evaluated 120 unique patterns using the novel video-based attack. The process resulted in 95 percent of patterns within five attempts. Also, the research highlights that complex patterns with more lines between dots are easier to crack than the simple ones.
“Contrary to many people’s perception that more complex patterns give better protect, this attack actually makes more complex patterns easier to crack and so they may be more secure using shorter, simpler patterns,” said Guixin Ye, one of the student authors from Northwest University, in the study.
Researchers were able to obtain 87.5 percent of median complex patterns, whereas the tally of simple patterns stood at 60 percent.
Once unlocked, the attackers gain access any entire files stored on your Android device. You can, however, protect your personal data through a third-party app.
It is worth noting that most of Android smartphones nowadays come with a built-in fingerprint sensor to add an addition security layer to protect your data. However, a pattern or a PIN is still being deployed as the primary option for locking the hardware.