Researchers from the University of Florida and the University of New Hampshire presented their findings on an "invisible-finger" attack at Black Hat USA 2022 in Las Vegas last week. By combining some complicated technology, a robotic arm, and multiple antenna arrays, the researchers were able to remotely simulate a finger touching various capacitive touch screens.
The device's processor then interprets the electromagnetic signals from the antennas as certain types of touch.
On many devices, including iPad, OnePlus, Google Pixel, Nexus, and Surface, hackers could simulate taps, long presses, and swipes in any direction.
"It just acts like your finger is doing the work," said University of Florida PhD candidate and lead speaker at the conference Haoqi Shan. "We can even generate an omnidirectional swipe on the iPad and Surface. We could totally use this to open a gesture-based lock."
Shan said they also sent money "using press and hold on PayPal." Some tests were halted due to the EMF's inability to trigger small hitboxes. For example, anything requiring a response to an Android yes/no dialog would not work because the tiny yes and no buttons were too close together.
For several reasons, invisible fingers are not the greatest threat to our gadgets.
Although the authors did not detail the equipment costs, the fact that the technique involves several pieces of likely costly hardware probably prevents it from being cost-effective. The robotic arm used to precisely position the electromagnetic antenna might cost hundreds of millions of dollars, and it requires extensive training in touch screens to register desired gestures.
Shan states that the range is far too short to be applicable in almost any conceivable scenario. It's a great tool for lab work, but it's difficult to pull off in a real-world situation.
Despite this, Shan assured conference-goers that this is a completely new attack mechanism, and that others could certainly improve upon it.
"[This technique] is a relatively new approach, [even] for experienced researchers, [though] you should be able to reproduce what we are doing now," Shan added. "You may come up with a more powerful or much cooler attack."
Shan believes capacitive touch display manufacturers should consider implementing force detection to deter future intrusions. Apple introduced "Force Touch" to iPhones and other devices in 2014. However, it did not discontinue it in 2018.
The most effective consumer-level protection for invisible fingers would be to use a Faraday cage. It might not be that convenient to slip your phone into a Faraday bag or something similar, but case manufacturers might create stylish phone enclosures that minimize electromagnetic interference. Some wallet manufacturers have already done this to protect credit cards from skimming devices that read a card's NFC chip.
If the above demo video is too tame for your brain, you may view the white paper and presentation slides at Black Hat USA's website.