Prepare for a new mobile security threat: smudges. Or to be more precise, the oily residue left behind by fingers on your iPhone, Android, BlackBerry, or other touchscreen mobile device may help an attacker deduce your password.
That’s the message from researchers at the University of Pennsylvania, who presented a paper at this week’s Usenix conference analyzing “Smudge Attacks on Smartphone Touch Screens.”
Based on their results, “the practice of entering sensitive information via touchscreens needs careful analysis,” said the researchers. “The Android password pattern, in particular, should be strengthened.” But they cautioned that any touchscreen device, including ATMs, voting machines, and PIN entry devices in retail stores, could be susceptible to smudge attacks.
Read More/Source: Information Week