Stealing ATM Pin codes using thermal imaging
A sub-£200 iPhone accessory can be used to easily steal pin codes from cash machines, locks and safes up to a minute after your leave the machine.Reuters

An iPhone accessory that costs less than £200 can be used to easily steal your PIN code up to a minute after you have left a cash machine, according to UK security researchers. The method of obtaining your PIN has been uncovered by researchers at consultancy Sec-Tec, who used a thermal imaging camera to identify the code number on devices such as ATMs, locks and safes and discovered that some of these devices were leaking the digits pressed by a legitimate user for more than a minute after use.

Thermal Imaging Pin Pad at ATM
What a PIN pad looks like through a thermal imaging camera once you have entered the codePressat.co.uk

Using the device, the researchers were easily able to identify which buttons the users had pressed because they showed up as warmer than the buttons around them. The research was carried out on a range of devices which used PIN pads, including ATMs, safes and door locks.

The device used in the research was a Flir One, which retails for £199 and works with iPhones, iPads and Android smartphones and tablets. It is one of many similar devices on the market that promise professional thermal imaging technology which normally costs thousands of pounds. Uses for such cameras include home and car repairs, spot temperature measurements, and home security.

Identifying the key order

In this case, however, the researchers used the camera to quickly and easily identify which numbers were punched into a pin pad, but while identifying the keys pressed is straightforward, Sec-Tec said pinpointing the order in which they were pressed is considerably more difficult.

However, the consultancy says it has created two undisclosed methods that "assist considerably in the identification of key ordering" adding that many of the devices which use such pin pads don't have a lock-out mechanism meaning that "testing all combinations of a four-digit code once the digits are known is easy". The researchers were also able to combine this attack vector with existing RFID cloning equipment to successfully compromise two-factor door locks on a physical-penetration test.

While the prospect of having your PIN code stolen using such a simple technique is clearly worrying, Sec-Tec has outlined a couple of steps which can help to mitigate such attacks. It says that using metallic rather than rubber or plastic keys makes these types of attacks impossible while from a user perspective, pressing your palm across the entire keypad after entering your PIN prevents the attack in the majority of cases.