You Can Be Tracked Just By How You Swipe On Your Mobile Phone
How you swipe or touch your phone's screen could make you identifiable and trackable to companies, researchers from CSIRO's Data61 have discovered.
Most people know they can be tracked by internet ads and cookies – but CSIRO researchers found that apps can collect enough information on how a person gestures, swipes and taps on their smartphone to track them no matter what screen they're touching.
To test this out, the researchers built an Android app with four games in it: 2048, Lexica, and Logo Maniac, and an app for handwriting to capture swipes, taps, and keystrokes.
They then got 89 people to use this app, and captured 40,600 gestures, and researchers were able to correctly identify users using information from all of the gestures.
Dali Kaafar, who is the chief scientist at Optus Macquarie University Cyber Security Hub and group leader for information security and privacy at CSIRO Data61, told BuzzFeed News that the app measured the acceleration, the velocity of the swipes, the tap pressure, and the way people write characters and used all that information to identify people.
Kaafar said that by collecting and processing this information, the researchers were able to identify and track individual users purely based on how they used their phones.
He said the data could be used to identify people quickly on multiple devices.
"If you have a phone at home, and a phone you use at work, it is quite trivial to identify that behind these two screens sits the same person, the same individual," he said.
Whereas most tracking nowadays is via email accounts, logins on certain pages, or cookies that track what a device is doing, Kaafar said that this sort of tracking would allow companies to track a person.
"With touch-based tracking, it's really about tracking the physical person, and individuals."
Kaafar said that the scariest part was that apps did not have to seek permission to track this sort of information.
"All of this information is accessible without even asking for permissions," he said. "On both Android and iPhone, by the way. The information is there and it can be used by the apps. The system doesn't have proper permissions that would be required for [other information]."
Kaafar said that was probably because the information is viewed as harmless, but also potentially because apps need that information for user interaction optimisation, such as figuring how how users actually use the apps.
There were good applications of the capability, he said, such as locking down devices for people who don't have permission to access it, and allowing for better customisation of some apps like Netflix...
Thanks for reading...
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by komoniok from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.
Very informative. Thanks for sharing