Why it matters: It is easy to be visually hacked in public – that is, to have sensitive information stolen by someone looking at your computer or tablet screen. There are ways to prevent this, such as plastic screen covers that make it difficult for someone to read the document unless they are right in front of it. Microsoft may be working on a system that visually encrypts as you read it.
A recent Microsoft patent describes a system that encrypts a document, making it indecipherable to anyone other than the reader. The technique encodes the document by modifying letters in the text portion of the original document. It then displays the document in a privacy mode based on an alpha-blended version of the document, blending the original and encoded versions. The system then uses eye tracking to display the encoded version of the document in the peripheral regions of the user’s view and the decoded portion at the user’s fixation point.
Many solutions on the market already address this problem, ranging from physical privacy screens to applications that use eye-tracking and webcams to allow light from the screen to reach the intended user’s eyes while preventing the light from reaching a bystander’s eyes. However, they all have limitations.
Privacy screens make the display look dull to the intended user’s eyes as 100 percent light efficiency is difficult to achieve. Meanwhile, indiscriminately blurring or dimming non-fixated areas of the screen makes reading the text more difficult because it is akin to reading through a telescope.
According to the Ponemon Institute, visual hacking is a widespread problem. In 2015, the institute conducted an experiment in the US revealing how easy it was to capture sensitive company information through visual hacking. A similar but expanded experiment sponsored by 3M in 2016 included offices in China, France, Germany, India, Japan, South Korea, and the United Kingdom.
The 3M study found that an undercover white hat hacker visually hacked information in 91 percent of the global trials. In nearly half of the global trials, an undercover visual hacker was able to obtain information in 15 minutes or less. The hackers obtained 52 percent of the sensitive information from employee computer screens and were only caught in 32 percent of their attempts. The results aligned with those obtained in the Ponemon Institute’s smaller study.
Image credit: Giorgio Minguzzi