Can Google Glass Steal Your Online Banking Passwords Just By Looking?


Privacy expectations have been evolving or changing for several years. As younger generations become more comfortable sharing personal information with less expectation that it will remain private, it’s no secret that our online privacy expectations are fading fast.

But the shocking claims reported by CNN Money that Google Glass wearers can allegedly steal pretty much everything, including your bank account details, credit card account, or even your Social Security number is reigniting the debate about our collective privacy expectations.

CNN pointed out that security researchers at the University of Massachusetts in Lowell have created software “that maps the shadows from fingertips typing on a tablet or smartphone. Their algorithm then converts those touch points into the actual keys they were touching, enabling the researchers to crack the passcode.”

Although Google has officially said its product is not a surveillance device, cyber forensics expert Xinwen Fu explains all a hacker needs to see is your finger moving across your mobile device.

“Google Glass is on your head, so it’s easy to adjust angle. What if you’re using mobile banking? We can steal your bank account password,” says Fu.

Fu and his research team – who will present more of these details next month at the Black Hat cybersecurity conference – says the major vulnerability is that keys are always in the same place on the keyboard.

Fu and his students tested out a few products: they used Google Glass to spot a four-digit PIN from three meters away with 83% accuracy; webcam video revealed the code with 92% accuracy; and the iPhone’s camera caught the passcode nearly 100%.

We know that Google Glass can be used to abuse data — but it can also be used to protect data. There’s been developments – and not entirely unsurprising in the wild frontier of mobile app technology – of a “futuristic” app for Google Glass to add an extra layer of privacy for users withdrawing cash from ATM machines. It displays a one-time personal identification number that only the Glass user can see. In other words, watching users enter a PIN is useless, as it changes each time.

The system is called Ubic and displays the PIN as a QR code, and no one is able to spy on the PIN. The system is more secure than sending new PINs to smartphones, which can be spied on by hackers.

Your Privacy and Google’s Goals

Above and beyond the consumer safety issues inherent in wearing Google Glass are the broader questions — does Google Glass comply with privacy laws, what about the “right to be forgotten,” and how does Google intend to use the information collected?

Remember, Google Glass does not just allow the wearer to record and observe other people. All of the data captured by Glass, including photos, videos, audio, location data, and other sensitive personal information, is stored on Google’s cloud servers. That means Google “owns” all of that data, much as it has admitted to scanning the contents of Gmail accounts for targeted advertising purposes.

Another cutting-edge development is a new patent application for technology that shields users from nearby video cameras. The patent describes how the technology would essentially “blur” the images of people and possibly deter overall video surveillance – or is that simply an impossible ideal in our modern world?

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Alok Kapur

Alok Kapur is President and Chief Operating Officer at PRIVATE WiFi. In this role, Alok drive all aspects of marketing, business development and partnerships, sales and customer service for the company. Follow him on Twitter: @Aloknyc.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.