Research Shows Android's Pattern Unlock Method Can Easily Be Cracked

Researchers have discovered a way to break into Android smartphones that are locked using the operating system’s pattern unlock security method. They were able to do this using a computer vision algorithm that is able to trace a user’s finger movement on the smartphone’s display.

The pattern unlock on Android OS is displayed on screen as a grid of nine dots. Users will have to set a pattern by tracing a pattern on those dots to set up the pattern unlock security feature. This is usually employed in place of a password or PIN in order to unlock smartphones. Estimates indicate that about 40 percent of Android users use this method to lock their devices.

The research was made in collaboration between Lancaster University, the University of Bath and Northwest University in China, according to Android Authority. The researchers tested its method by filming smartphone users while they’re drawing the unlock pattern on their smartphones.

The computer vision algorithm will then be able to trace and recognize what the user is drawing as their unlock pattern by analyzing the footage. The software can correctly identify the pattern within just five attempts. The researchers tested its software on 120 unique patterns from 215 users.

Also, the software is still able to correctly guess the pattern even when a DSLR camera can’t see the device’s display and from nine meters away. The size of an Android device also doesn’t affect the process.

Making the pattern more complicated actually made it easier for the software to break into an Android smartphone. “We discovered that, in contrast to many people’s belief, complex patterns do not offer stronger protection under our attacking scenarios. This is demonstrated by the fact that we are able to break all but one complex patterns (with a 97.5% success rate) as opposed to 60% of the simple patterns in the first attempt,” the researchers noted in their paper’s abstract.

The researchers did however provide some tips to deter this kind of attack. Users can cover their fingers while drawing their pattern, or they could also adjust the brightness of their display to confuse the software, according to The Mirror.

Setting up passwords and PINs still appears to be the most secure way of locking Android smartphones. This new research also reinforces the idea that patterns of any kind are still very much less secure. For example, facial recognition tech can be fooled using photos, while fingerprints can simply be lifted using powder and tape.