Security experts have shown that a special-purpose deep-learning algorithm can be instructed to guess four-digit credit card PINs 41% of the time, even when the target is trying to cover the pad with their hands.
How Does It Work?
The attack requires the establishment of an exact copy of the target ATM. This is due to the importance of training the algorithm to match the dimensions and key spacing of various PIN pads.
Using videos of individuals entering PINs on the ATM pad, the replica is then taught to identify pad presses and assign precise probabilities to a set of guesses.
Below you can see the entire chain of the attack:
For this test, security specialists have gathered roughly 5,800 videos of 58 different individuals from various demographics, typing 4-digit and 5-digit PINs.
The machines on which the experts ran the predictive model were a Xeon E5-2670s with 128GB of RAM and three Tesla K20m with 5GB of RAM each.
Using three tries, which is usually the maximum number of times allowed before the card is temporarily suspended, the experts were able to recreate the correct succession for 5-digit PINs 30% of the time and 41% of the