Watch out for this new iPhone infrared pin number hack

  • October 13, 2014
  • 2 min read

Yet another fine example of how cybercriminals exploit cool new technology for personal gain.


Basically, companies are now selling inexpensive infrared cameras that you can snap on to the back of your iPhone, and someone very clever realized that the non-metallic input keys found on ATM machines and point-of-sale card swipers conduct heat. This means – as the video shows – that potentially anyone standing behind you in the checkout line or the ATM could see what buttons you pressed after you’ve walked away. Since the amount of conducted heat present in a button fades over time, and since the camera uses different colors to represent different temperatures, a person with one of these devices could also determine in what order the numbers were pressed, to steal your pin code.

At first glance, this is scary stuff. Spy stuff. The type of stuff you see in movies. What’s even scarier, though, is that beyond debit card pin numbers, the camera could also be used to steal access codes to security doors or safes.

Fortunately, prevention is simple: just place an extra finger on extra buttons to leave a heat mark, but don’t press. In the case of debit card pin theft, it’s also important to note that a pin number is essentially useless on its own. A random stranger won’t be able to use your debit card without the actual card (or number, if they have the ability to manufacture a fake). This should mitigate a lot of the potential theft from wannabe-spy-hackers who see this video and go out and buy themselves a new toy. The hack could gain traction among acquaintances, though. If someone sees you on a daily basis, knows your routine, knows where you keep your debit card, knows where you shop, and doesn’t really consider themselves your friend, how hard would it be for them to pull this one off and pocket an extra $500 at your expense?

Might seem like a long shot, but this may be one to keep in mind the next time you checkout with debit or visit the ATM. If someone at the office starts bragging about their awesome-new-infrared-iPhone-cam, it might also be wise to keep an eye on them ;)

