Skip to main content
  1. Home
  2. Emerging Tech
  3. News

Infrared cameras can be used to steal PINs from ATMs

Derek Mead
By

Cameras, fake card readers, you name it… the list of schemes used to steal customer PINs at ATM machines is endless. Now it’s time to add another possible technique. Researchers at the University of California, San Diego recently presented the results of a study in which they found infrared cameras could be used to steal a PIN even after the customer left the ATM.

Led by Keaton Mowery, a doctoral student in computer science, the team found that they could measure the residual heat of ATM users’ fingers on the keypad. Using custom software that automated the camera’s heat-seeking abilities, they had 21 volunteers try out 27 random four-digit PINs on both plastic and brushed metal keypads.

Recommended Videos

The plastic pads were more insecure. If used immediately after the user entered his or her PIN, the team’s cameras accurately found the four digits in the PIN 80 percent of the time. After a minute, the success rate was still 50 percent.

Related

With metal’s higher thermal conductivity, heat dissipated from those keypads almost instantly, making stealing numbers nearly impossible.

An additional issue is the fact that, while the team was able to find the digits users pressed, it wasn’t feasible to regularly discover their order. Still, that’s only 24 possible combinations to test out versus the 10,000 a thief would have to work through if he or she started from scratch. Also, with the concept already proven, it’s possible that further refinements could measure the heat difference between the button pressed first and those following, although that’s yet to be shown.

So should you just completely give up ATMs, force your employer to pay you in cash and walk around with stacks of twenties in your pockets? Well, you can if you want, but it’s probably not necessary. One, as a rule it’s not a good idea to use an ATM with camera guys lurking around anyway, and this is no exception. Two, using a metal keypad pretty much eliminates the possibility of this scam working unless a hidden camera was filming the whole time. In that case, it’s already prudent practice to cover the keypad while you enter your PIN. Common sense and a preference for metal keypads should protect the average Joe from this particular scheme, but you’re more than welcome to ice your fingertips beforehand if it makes you feel safer. 

Photo credit: Keaton Mowery, via PhysOrg

Editors' Recommendations

Topics
Derek Mead
Derek Mead
Former Digital Trends Contributor
Why AI will never rule the world
image depicting AI, with neurons branching out from humanoid head

Call it the Skynet hypothesis, Artificial General Intelligence, or the advent of the Singularity -- for years, AI experts and non-experts alike have fretted (and, for a small group, celebrated) the idea that artificial intelligence may one day become smarter than humans.

According to the theory, advances in AI -- specifically of the machine learning type that's able to take on new information and rewrite its code accordingly -- will eventually catch up with the wetware of the biological brain. In this interpretation of events, every AI advance from Jeopardy-winning IBM machines to the massive AI language model GPT-3 is taking humanity one step closer to an existential threat. We're literally building our soon-to-be-sentient successors.

Read more
The best hurricane trackers for Android and iOS in 2022
Truck caught in gale force winds.

Hurricane season strikes fear into the hearts of those who live in its direct path, as well as distanced loved ones who worry for their safety. If you've ever sat up all night in a state of panic for a family member caught home alone in the middle of a destructive storm, dependent only on intermittent live TV reports for updates, a hurricane tracker app is a must-have tool. There are plenty of hurricane trackers that can help you prepare for these perilous events, monitor their progress while underway, and assist in recovery. We've gathered the best apps for following storms, predicting storm paths, and delivering on-the-ground advice for shelter and emergency services. Most are free to download and are ad-supported. Premium versions remove ads and add additional features.

You may lose power during a storm, so consider purchasing a portable power source,  just in case. We have a few handy suggestions for some of the best portable generators and power stations available. 

Read more
Don’t buy the Meta Quest Pro for gaming. It’s a metaverse headset first
Meta Quest Pro enables 3D modeling in mixed reality.

Last week’s Meta Connect started off promising on the gaming front. Viewers got release dates for Iron Man VR, an upcoming Quest game that was previously a PS VR exclusive, as well as Among Us VR. Meta, which owns Facebook, also announced that it was acquiring three major VR game studios -- Armature Studio, Camouflaj Team, and Twisted Pixel -- although we don’t know what they’re working on just yet.

Unfortunately, that’s where the Meta Connect's gaming section mostly ended. Besides tiny glimpses and a look into fitness, video games were not the show's focus. Instead, CEO Mark Zuckerberg wanted to focus on what seemed to be his company’s real vision of VR's future, which involves a lot of legs and a lot of work with the Quest Pro, a mixed reality headset that'll cost a whopping $1,500.

Read more