Smudge attacks – why I don’t use patterns to lock my Android phone

Have you tried to guessing a friend’s security pattern by looking at the trail of smudge on their phone’s screen? It turns out that the odds are in your favor. Researchers from the University of Pennsylvania has come out with a paper that takes a closer look at how greasy fingers can lead to smudge attacks – people guessing your security pattern by simply looking at the smudge trail on the screen of your smartphone or tablet device.

In their study, they were successful in guessing the right security pattern at an amazing 90 percent of the time! They further concluded that:

We showed that in many situations full or partial pattern recovery is possible, even with smudge ‘noise’ from simulated application usage or distortion caused by incidental clothing contact.

So I was right all along. The first time I saw a friend unlock his Android phone using a pattern and then a trail of smudge was on the screen, I knew that by following that grease trail, it wouldn’t be that hard to guess what the correct pattern is.

And I’m pretty sure most folks use the pattern feature to lock and unlock their devices as opposed to the traditional numeric PIN code. Between the two, I use a numeric PIN code and have never used a pattern in securing my Android phones.

Aside from this vulnerability with the pattern feature, the other reasons I don’t use it are:

I would easily forget the pattern even with numerous usages throughout the day. PIN numbers work best for me.

Other folks can easily remember it when they see it. With a pattern you just have to remember how someone moved their finger across the screen while in the case of numeric PINs, you’d have to consider which numbers were pressed and in what sequence to get it right.

My sweaty palms naturally create more smudge and greasy fingerprints on my devices.

I’m quite sure that I’m not the only one that has these concerns. Thankfully, the good folks at Lifehacker has come up with some solutions to mitigate the risks of smudge attacks. That plus a habit of regularly wiping your device’s screen will go a long way in securing your device.

Leave a Reply