Abstract:Security-conscious users are very careful with software they allow their phone to run. They are much less careful with the choices they make regarding accessories such as headphones or chargers and only few, if any, care about cyber security threats coming from the phone’s protective case. We show how a malicious smartphone protective case can be used to detect and monitor the victim’s interaction with the phone’s touchscreen, opening the door to keylogger-like attacks, threatening the user’s security and privacy. This feat is achieved by implementing a hidden capacitive sensing mechanism inside the case. Our attack is both sensitive enough to track the user’s finger location across the screen, and simple and cheap enough to be mass-produced and deployed en masse. We discuss the theoretical principles behind this attack, present a preliminary proof-of-concept, and discuss potential countermeasures and mitigations.