My Magnetometer Is Telling You Where I've Been?: A Mobile Device Permissionless Location Attack.

Although privacy compromises remain an issue among users and advocacy groups, identification of user location has emerged as another point of concern. Techniques using GPS, Wi-Fi, NFC, Bluetooth tracking and cell tower triangulation are well known. These can typically identify location accurately with meter resolution. Another technique, inferring routes via sensor exploitation, may place a user within a few hundred meters of a general location. Acoustic beacons such as those placed in malls may have more finely grained resolution yet are limited by the sensitivity of the device's microphone to ultrasonic signals and directionality. In this paper we are able to discern user location within commercial GPS resolution by leveraging the ability of mobile device magnetometers to detect externally generated signals in a permissionless attack. We are able to achieve an aggregate location identification success rate of 86% with a bit error rate of 1.5% which is only ten times the stationary error rate. We accomplish this with a signal that is a fraction of the Earth's magnetic field strength. We designed, prototyped, and experimentally evaluated a system where a location ID is transmitted via low power magnetic coil(s) and received by permissionless apps. The system can be located at ingresses and kiosks situated in malls, stores, transportation hubs and other public locations including crosswalks using a location ID that is mapped to the GPS coordinates of the facility hosting the system. We demonstrate that using Android phone magnetometers, we can correctly detect and identify the when and the where of a device when the victim walks at a comfortable pace while their device has all the aforementioned services disabled. In order to address the substantial signal fading effects due to mobility in a very-low power magnetic near field, we developed signal processing and coding techniques and evaluated the prototype on six android devices in an IRB-approved study with six participants.