Accelerometer in phone has tracking potential, researchers find

October 14, 2013 by Nancy Owano report

(Phys.org) —The smartphone's paths to security vulnerability continue to capture the attention of security researchers. Currently, the focus is turning to the rise in sensors being designed into smartphones, and their potential role in breach of privacy. Researchers want to learn more about how data-producing sensors may raise security risks, and a recent finding turns its focus on accelerometers. A team at Stanford discovers that an accelerometer can help identify the smartphone in seconds. According to a detailed account of the research in SFGate, the discovery involves a Stanford University research team who last year set out to test if devices could be identified via various smartphone sensors. Hristo Bojinov, a PhD candidate in computer science and part of the group, said the intent was to raise awareness among device makers, designers and policy professionals how sensors might be an avenue for tracking. They did find flaws in phone sensors which, potentially, advertisers could exploit.

"Code running on the website in the device's mobile browser measured the tiniest defects in the device's accelerometer—the sensor that detects movement—producing a unique set of numbers that advertisers could exploit to identify and track most smartphones," said the report.

Ad tracking and privacy will continue to be a point of research, discussion and debate as companies pursue customer data in order to target ads and special offers. Cookies have served as a popular way for marketers to understand user actions and target ads accordingly. Product and service promoters could use the ID approach the same way they use cookies to monitor user online actions and target ads. What is worrisome about accelerometer-fed information is that there would be no user control. The data could not be allowed or denied by the user.

As for research, this would not be the first research attempt to look at the security aspects of accelerometers in smartphones. In 2010, a paper by researchers from Georgia Institute of Technology, University of Houston, University of Puerto Rico and Franklin W. Olin College of Engineering titled "Detecting User Activities Using the Accelerometer on Android Smartphones," made a similar point.

"Accelerometers can be used to detect movement and the rate of change of the speed of movement...the use of accelerometers in Android applications does not require the application to have permission to use it. Therefore, it is possible for an application to collect a user's accelerometer data without the user's knowledge. With accelerometer data and the use of a server to collect the information, it is a fairly simple task for someone to gain a user's personal information, their location, or to figure out what a user is doing or typing."

In 2012, a paper titled "Practicality of Accelerometer Side Channels on Smartphones" by researchers from the University of Pennsylvania reported that by analyzing data gathered by they were able to get a good idea of the Pin or pattern used to protect a phone. "In this paper, we show that the accelerometer sensor can also be employed as a high-bandwidth side channel; particularly, we demonstrate how to use the to learn user tap and gesture-based input as required to unlock smartphones using a PIN/password or Android's graphical password pattern."

What is noteworthy about findings from Bojinov and colleagues is that it was not only the accelerometer that could generate data for tracking. They also called attention to the microphone and speaker, where they were able to produce a unique "frequency response curve," based on how devices play and record a common set of frequencies. The researchers are to publish their results in the coming months.

Explore further: Turning iPhone into spiPhone: Smartphones' accelerometer can track strokes on nearby keyboards

More information: blog.sfgate.com/techchron/2013/10/10/stanford-researchers-discover-alarming-method-for-phone-tracking-fingerprinting-through-sensor-flaws/

Related Stories

Stealth game steals info from Android sensors

April 24, 2012

(Phys.org) -- No joke. A proof-of-concept application for phones running Android pretends to be a fun challenge asking the user to identify identical icons from a bunch of images. All the while the app monitors sensors to ...

openPDS software focuses on control of personal data

October 7, 2013

(Phys.org) —Regarded as a building block for the personal data ecosystem, open PDS has arrived. As Thomas Hardjono, technical lead of the MIT Consortium for Kerberos and Internet Trust commented in New Scientist, "We ...

Recommended for you

Interactive tool lifts veil on the cost of nuclear energy

August 24, 2015

Despite the ever-changing landscape of energy economics, subject to the influence of new technologies and geopolitics, a new tool promises to root discussions about the cost of nuclear energy in hard evidence rather than ...

Smart home heating and cooling

August 28, 2015

Smart temperature-control devices—such as thermostats that learn and adjust to pre-programmed temperatures—are poised to increase comfort and save energy in homes.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.