We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.


Now Your Phone’s Tilt Sensor Can Identify You

Tiny hardware imperfections in smartphone and tablet accelerometers lead to unique “fingerprints” within the data they produce, researchers find.

All smartphones contain accelerometers, and apps get free use of that information for applications ranging from games to pedometers.

The sensor that lets your phone know which way the screen is oriented also—thanks to minute manufacturing variations—emits a unique data “fingerprint” that could allow your phone to be tracked, even if all other privacy settings are locked down, researchers say.

Unique imperfections: A micrograph of a MEMS accelerometer.

In addition to governing basic things like screen orientation, accelerometer data is widely used by apps such as pedometers and mobile games. Meanwhile, many apps often rely on advertising, which has led advertisers to search for ways to track users and their Web habits.

Even if you don’t allow apps to see your personal data or location, just the raw movements of the phone—which can be measured without permission—can betray the phone’s unique identity and track it over time, says Romit Roy Choudhury, an associate professor at the University of Illinois who cowrote a paper with colleagues at the University of South Carolina that describes the phenomenon. “There has been a lot of work to catch the leakage of ID information from phones,” he says. “We are now saying that accelerometer data going out of the phone can be treated as an ID.”

Accelerometers use a technology called micro-electro-mechanical systems, or MEMS. In the case of an accelerometer, tiny bars of metal move between other metal bars in response to motion, changing electrical capacitance and indicating 3-D movement. Using this information, a smartphone can determine a change in screen orientation, or translate physical movements to a character in a game.

But the underlying data varies minutely from accelerometer to accelerometer, the researchers found. After testing 80 accelerometer chips—plus 25 Android phones and two tablets that used accelerometers—the researchers could pick out the fingerprint with 96 percent accuracy.

Janne Lindqvist, a mobile security researcher at the Winlab at Rutgers University, says the work is novel and important. “Accelerometers still do not require ‘permissions’ to be enabled,” he says. “So they can be used stealthily. I think this is great work, and points out yet another reason why smartphones shouldn’t allow easy access to accelerometer data.”

Indeed, earlier research had shown that accelerometer data can also be used to infer passwords based on the taps people make on their phones.

No regulations or industry practices mandate that users must give affirmative permission before an app can access accelerometer motion data (in contrast, people must give permission before giving their precise location data from GPS chips).

Choudhury said his team was working on ways to add noise to the accelerometer data in a way that obscures the fingerprint, while still making the basic position data accurate. “We believe that some of this can be done for most of the applications, except the ones that you need very precise details,” he says.

Other sensors in smartphones—such as gyroscopes, magnetometers, and microphones—might also have similar electronic fingerprints. “Collection of such fingerprints from other sensors could allow a device to be tracked anywhere and for long periods,” Choudhury says.

Cut off? Read unlimited articles today.

Become an Insider
Already an Insider? Log in.
More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Print + All Access Digital.
  • Print + All Access Digital {! insider.prices.print_digital !}*

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivered daily

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.