Your PIN is blowing in the Wind

New paper from some infosec types who have developed a method for capturing PINs as they are entered on a phone, using the fluctuations in WiFi signal strength that are caused by (get this!) finger and hand movements and the air circulation they produce. (via Tanja)


WindTalker is motivated from the observation that keystrokes on mobile devices will lead to different hand coverage and finger motions, which will introduce a unique interference to the multi-path signals and can be reflected by the channel state information (CSI).

By setting up a rogue access point, determining the point in time when a user is entering a PIN (for the Alipay payment system in the demonstrated attack – the largest mobile payments company in the world), and observing the fluctuations in wifi signal, it’s possible to recover the PIN.