Skip to Content

Now Your Phone’s Tilt Sensor Can Identify You

Tiny hardware imperfections in smartphone and tablet accelerometers lead to unique “fingerprints” within the data they produce, researchers find.

The sensor that lets your phone know which way the screen is oriented also—thanks to minute manufacturing variations—emits a unique data “fingerprint” that could allow your phone to be tracked, even if all other privacy settings are locked down, researchers say.

Unique imperfections: A micrograph of a MEMS accelerometer.

In addition to governing basic things like screen orientation, accelerometer data is widely used by apps such as pedometers and mobile games. Meanwhile, many apps often rely on advertising, which has led advertisers to search for ways to track users and their Web habits.

Even if you don’t allow apps to see your personal data or location, just the raw movements of the phone—which can be measured without permission—can betray the phone’s unique identity and track it over time, says Romit Roy Choudhury, an associate professor at the University of Illinois who cowrote a paper with colleagues at the University of South Carolina that describes the phenomenon. “There has been a lot of work to catch the leakage of ID information from phones,” he says. “We are now saying that accelerometer data going out of the phone can be treated as an ID.”

Accelerometers use a technology called micro-electro-mechanical systems, or MEMS. In the case of an accelerometer, tiny bars of metal move between other metal bars in response to motion, changing electrical capacitance and indicating 3-D movement. Using this information, a smartphone can determine a change in screen orientation, or translate physical movements to a character in a game.

But the underlying data varies minutely from accelerometer to accelerometer, the researchers found. After testing 80 accelerometer chips—plus 25 Android phones and two tablets that used accelerometers—the researchers could pick out the fingerprint with 96 percent accuracy.

Janne Lindqvist, a mobile security researcher at the Winlab at Rutgers University, says the work is novel and important. “Accelerometers still do not require ‘permissions’ to be enabled,” he says. “So they can be used stealthily. I think this is great work, and points out yet another reason why smartphones shouldn’t allow easy access to accelerometer data.”

Indeed, earlier research had shown that accelerometer data can also be used to infer passwords based on the taps people make on their phones.

No regulations or industry practices mandate that users must give affirmative permission before an app can access accelerometer motion data (in contrast, people must give permission before giving their precise location data from GPS chips).

Choudhury said his team was working on ways to add noise to the accelerometer data in a way that obscures the fingerprint, while still making the basic position data accurate. “We believe that some of this can be done for most of the applications, except the ones that you need very precise details,” he says.

Other sensors in smartphones—such as gyroscopes, magnetometers, and microphones—might also have similar electronic fingerprints. “Collection of such fingerprints from other sensors could allow a device to be tracked anywhere and for long periods,” Choudhury says.

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.