Home > CAPEC List > CAPEC-626: Smudge Attack (Version 2.10)  

CAPEC-626: Smudge Attack

 
Smudge Attack
Definition in a New Window Definition in a New Window
Attack Pattern ID: 626
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

Attacks that reveal the password/passcode pattern on a touchscreen device by detecting oil smudges left behind by the user’s fingers.

+ Attack Prerequisites
  • The attacker must have physical access to the device.

+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: Medium

+ Solutions and Mitigations

Strong physical security of the device.

+ Attack Motivation-Consequences
ScopeTechnical ImpactNote
Bypass protection mechanism
+ Technical Context
Architectural Paradigms
Mobile
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Internal_CAPEC_Team
More information is available — Please select a different filter.
Page Last Updated or Reviewed: May 01, 2017