How secure are smart phones? Internet and wireless security is a massive business, one which did not exist a mere 25 years ago. Financial institutions spend millions on security as do service providers and online retailers. As soon as new security measures are in place, new technology steps in to completely alter the cyber-security landscape. The latest involves biometric scanning.
Technology, Crime, and Convenience; the Perfect Storm
As technology continues to advance, the methods deployed by criminals advances. The Internet changed life just one generation ago. With the Internet came far more sophisticated ways to exploit and con others.
Then came smart phones. With the touch of the screen, we can record our morning jog, the water we consumed, play a game, order nearly any product we want, and even deposit checks into our bank. Yet, all this convenience comes with a price.
The average major corporation today spends around $15 Million each year fighting cyber-crime. Estimates for total Internet security spending in 2015 reached $75 Billion USD and is expected to more than double by 2020. Those costs are passed on to consumers, meaning that without the need for such measures, prices for most high-tech gadgets could be much lower. But that is not the world in which we live.
The Latest Biometric Scanning Capabilities and Internet Security
Researchers from three major universities have found that anyone tapping into Multiple-Input, Multiple-Output WiFi connections are particularly vunerable to cyber-attacks.
MIMO connections are nothing new. In fact, the ability to create such multiple connections dates to several research papers written in the 1970s. However, a need for practical application did not arise until the advent of smart phones. Since the development of the 3G networks, MIMO WiFi connections have exploded around the world.
So the research coming from MIT, Shanghai Jaio Tong University, and the University of South Florida is disturbing. Why?
These teams of researchers found and demonstrated that with the MIMO WiFi systems, discovering passwords is quite simple. In essence, every smart phone records everything we do, including the finger swipes, keystrokes, passwords, and pins. By connecting the dots, that is, combining the keystroke data with the layout of the phone keypad or whatever security measure is in place, criminals can extrapolate the answer to their question: What is Your Password?
This research is both disturbing and encouraging. Not only did the research teams identify a serious vunerability in smart phone/MIMO WiFi technology, but they also recommended a simple to apply security measure: Randomize the sign-in screen/key pad displays. In other worlds, manufacturers will simply need to create a keypad/login screen which changes with every entry.
Hence, although criminal elements will still have the ability to determine positions of the fingers via radio-signaled biometric measures, they will not know the placement of the displays.
In essence, this is something like what the Enigma Machine did for Nazi Germany. Their radios broadcasted messages which were easily intercepted. Even after England managed to get an Enigma Machine, they still could not interpret the messages because they lacked the code. It was only after Alan Turing developed a machine which could process data quickly enough to crack the code that the English found the way through the Enigma enigma.
The Enigma of Technology, Smart Phones, and Modern Banking
Of course, as soon as technology finds a way to protect data such as our passwords from unsavory types, another method to crack the code will arise. Just as Alan Turning developed a machine (computer) to fight a machine (Enigma), so too will criminals find ways around any technology developed to stop them.
That is the down side.
The upside is that Internet Security is set to be a very secure industry…and growing.