Blog article

Heat from your fingers could disclose your PIN at an ATM

Thermal cameras can apparently detect heat signatures left by your fingers on the keys after you have walked away from an ATM. The amount of heat residue on each key can even indicate the order in which you pressed them. The technique does not work effectively on metal key pads, only on plastic ones, and the window of opportunity is limited, since the residue fades within a minute or so.

The message "cover your PIN when making an ATM or payment transaction" is constantly offered as best-practice security advice to cardholders. Doing so protects the PIN from visual compromise, although there is still a risk of compromise if a key pad overlay has been fitted. Now thermal cameras have added a further risk.

The technique was first highlighted by Michal Zalewski in 2005, and research has recently been carried out at the University of San Diego by Keaton Mowery, Sarah Meiklejohn, and Stefan Savage. It was presented at WOOT '11, the 5th USENIX Workshop on Offensive Technologies, held on 8 August 2011 in San Francisco, in a presentation entitled "Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks." The research recovered PINs from plastic key pads with approximately 80 percent accuracy 10 seconds after the person entered their PIN. 45 seconds after the keys were pressed, the thermal cameras could still determine PINs with 60 percent accuracy.

Is this methodology commercially viable for criminals? The researchers state that: "...In large-scale attacks involving many unique codes, such as on ATM PINs, our success rate indicates that an adversary can correctly recover enough codes to make such an attack economically viable." I'm not convinced. Apparently the researchers' camera costs US$1,950 per month to rent, and US$17,950 to buy, although the technology can only get cheaper over time.

What can we do? Keep covering our PINs when using ATMs or payment terminals, as this eradicates the most significant risk - visual compromise. If an ATM with a plastic key pad is used, I suppose touching a few additional keys after your transaction might mitigate the risk of thermal compromise, as might shielding the PIN pad for a few extra seconds.

If you want to know more about the threat to your PIN from thermal imaging, you can visit the website of the USENIX Workshop and download the slide presentation made by Mowery et al. and/or the full research paper.


Comments: (1)

John Dring - Intel Network Services - Swindon, 30 August 2011, 18:13

Heated keypad would solve it, but I guarantee no bank will pay for that mod until there's a proven case of thermal-image shoulder surfing!

How about wearing gloves?

Lachlan Gunn, Director, BenAlpin Ltd, Perth

This post is from a series of posts in the group:

Information Security

The risks from cyber crime - hacking, loss of data privacy, identity theft and other topical threats - can be greatly reduced by the implementation of robust IT security controls ...