The researchers’ algorithm was able to guess the PIN with a 99.5% probability on the first try using a list of the 50 most common PIN combinations. The value is lower if you take all 10,000 (four-digit) possibilities, but still high at 83.7 (at 20 attempts). The whole thing works with the help of machine learning and user behavior analysis. Because a smartphone owner keeps his device slightly different when he enters a PIN. The NTU researchers used accelerometers, gyroscopes, magnetometers, proximity sensors, barometers and ambient light sensors.
It is not the first time that these so-called “zero-permission” sensors have been used to try to undermine security functionalities.However, these were not all carried out with PINs, it is noted that the movements are much harder to grasp with this type of input. But this is also possible thanks to AI technologies and the corresponding progress in this area.