A side-channel attack on smartphones: Deciphering key taps using built-in microphones

Haritabh Gupta, Shamik Sural, Vijayalakshmi Atluri, Jaideep Vaidya

Research output: Contribution to journalArticlepeer-review

6 Scopus citations


In recent years, concerns are increasingly being expressed about the threats of side-channel attacks that exploit acoustic emanations from electronic as well as mechanical devices of daily use. With the increased level of sophistication in both hardware and applications that run on mobile phones, the number of possible ways in which their vulnerabilities can be exploited is also on the rise. In this article, we demonstrate a novel attack which uses the sound emanating from a tap made on the touchscreen of a smartphone to decipher the text being typed. The audio signal captured by the pair of microphones typically embedded in a smartphone is first processed to determine a candidate set of keys. Filters are employed to make this step robust against ambient noise. Natural language processing techniques are then used to estimate the most probable words and sentences that can be constructed from a sequence of taps. It is shown that using even off-the-shelf tools, the typed text including passwords can be guessed with reasonably high accuracy. Besides raising awareness about this potential side-channel attack, we identify the causes that allow it to succeed and suggest countermeasures.

Original languageEnglish (US)
Pages (from-to)255-281
Number of pages27
JournalJournal of Computer Security
Issue number2
StatePublished - 2018

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications


  • Side-channel attack
  • key tap
  • natural language processing
  • noise filtering
  • smartphone


Dive into the research topics of 'A side-channel attack on smartphones: Deciphering key taps using built-in microphones'. Together they form a unique fingerprint.

Cite this