olly - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What's the best way to prevent accelerometer tracking?

Attackers can use accelerometer tracking on mobile devices as an eavesdropping tool. Here are some ways to reduce the threat to your device.

New research claims that a telephone's accelerometer be used to track the device owner. How does this work? Is there anything we can do to prevent the accelerometer from being used as an eavesdropping device?

Traditional telephones don't have an accelerometer or GPS, and the word "smartphone" doesn't fully capture the power and capabilities that people carry in their pocket every day. With this power comes new risks that users should weigh against the benefits.

In order for the accelerometer tracking to work, the attacker first needs to install malware on the target smartphone. This could be both a malicious or a functional app included in a legitimate app from a rogue library. This is similar to a side-channel attack that allows an attacker to track the mobile user. This type of eavesdropping uses machine learning to monitor the path of a phone through a train system. Since the train system is along a fixed path, it can calibrate the attack based on specific points.

Accelerometer tracking prevention is difficult and requires more than putting tape over the camera lens on the smartphone or laptop. It may be impossible to disable all of the different features on a smartphone that can be used to track someone. Not to mention that most users willingly give newly installed apps access to the sensors in the smartphone and increase the risk of tracking even more. The most effective method of preventing the accelerometer from being used by malware to track your users is to prevent the malware from getting installed on the device. Do this by only installing approved apps from authorized app stores and running a security tool -- such as antimalware -- to monitor for malware.

Ask the Expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

Next Steps

Check out this introduction to mobile device management products for enterprises

Learn about device tracking laws before you decide to keep an eye on users

Find out how to stop phone tracking and GPS data leakage

This was last published in December 2015

Dig Deeper on BYOD and mobile device security best practices