By Tommy Mysk
UPDATE (November 10, 2021): Added new section about access to the accelerometer in browsers (iOS/Android)
Nearly every modern smartphone is equipped with an accelerometer, which, as the name implies, is a sensor that measures acceleration. It’s most commonly used for detecting the device’s orientation. It has also found many other uses, whether as a game controller in racing games, as a pedometer for counting daily steps, or to detect falls as seen in the Apple Watch. There has also been some research to develop novel accelerometer applications: estimating heart rate, breathing rate, or even acting as a rudimentary audio recorder using just the accelerometer. Currently, iOS allows any installed app to access accelerometer data without explicit permission from the user. Curious apps might be able to learn a lot about users through the accelerometer, without their knowledge or permission.
The Accelerometer in iOS
The iPhone is equipped with accurate accelerometer and gyroscope hardware. It can measure the altitude, rotation rate, and acceleration of your iPhone with high accuracy.
Steve Jobs demonstrated the capabilities of these two sensors during the introduction of iPhone 4.
The accelerometer and gyroscope are bundled together in iOS and are part of the Core Motion Framework. For the sake of brevity, I will just say accelerometer to refer to both sensors.
The accelerometer has tons of applications and many apps rely on it. Most users won’t realize it when their favorite apps use the accelerometer. This is simply because apps don’t need permission to read accelerometer data. Unlike access to location services and Bluetooth, access to the accelerometer is granted to all apps on the iPhone. So apps can read measurements from the accelerometer without any restriction, except for one: apps can only read the accelerometer when they are active in the foreground. iOS prevents apps running in the background from reading the measurements.
Apps that access resources protected by a system permission have to specify why they need such access. Developers have to formulate the reason in a simple description that conveys the message to the users. iOS shows the description on the permission dialogue when the app requests a permission from the user. Apps that don’t provide such information for each permission they need will not be approved by Apple’s App Review team. Since access to the accelerometer is not protected by a system permission, developers are not required to inform users about why they need the access.
At first glance, accelerometer data seems to be innocuous. It’s only about moving and rotating the phone, right? Can that breach your privacy? The answer lies in the next section.
Accelerometer measurements are collected all the time while you are holding your phone. iOS makes the measurements accessible to the app that is active in the foreground. The app may choose to ignore the measurements or read them. There are no boundaries for what an app can do with the measurements, but here are some spooky scenarios:
Motion and Activities
Accelerometer data reflects how you hold your phone and how you move. An app can tell if you are using it while lying, sitting, walking, or cycling. The app can also count your steps. Although access to the pedometer on the iPhone is protected by a system permission, there are many sophisticated algorithms that process accelerometer data to achieve exactly that.
It is worth mentioning that the iPhone is also equipped with a barometer, a sensor that measures air pressure and altitude. The barometer is also part of the Core Motion Framework and no permission is required to access it. As a result, any app can figure out your altitude and measure air pressure in your environment. Thus, any app can tell if you are riding on a bus, train, or plane while using it.
The accelerometer can detect the slight movements of your hand and body while holding the phone. Researchers can use this data to estimate your heart rate. Thus, an app can potentially know your heart rate while you are using it.
Similarly to heart rate, researchers can use accelerometer data to estimate your breathing rate, and even diagnose certain diseases.
Accelerometer data doesn’t contain any location information. However, it can be used to infer your exact location based on the vibration pattern in your environment.
To illustrate this concept, consider the following example:
You are commuting to work by bus. While sitting on the bus, you open your favorite social app. Even though it is your favorite app, you don’t trust it enough to share your location with it. At the next stop, a passenger gets on the bus. The passenger sits on the bus and opens the same social app. But the passenger shares their precise location with the app. Now, if this social app is reading accelerometer data on your phone as well as the passenger’s phone, the app can easily figure out that both phones experience the same vibration pattern. Indeed, both phones are going to record the same vibrations, e.g. when the bus takes off, stops, and swerves left or right. The app now knows that you and the passenger are together in the same environment, hence same location. Don’t be surprised if you receive a recommendation from the app to add this passenger as a friend.
Sound waves generated by your phone speakers cause the phone to vibrate. As every sound makes unique vibrations, researchers were able to analyze the vibrations and work their way backwards to reconstruct the original sound.
So, if you are on a call and using the phone speaker, an app can pick up the vibrations generated by the speaker and recorded by the accelerometer. This way the app can record the call without having access to the microphone, albeit only the voice of your counterpart will be recorded.
I tested several apps and checked if they read accelerometer data without a clear reason. Here are some examples:
Facebook reads the accelerometer all the time. Facebook actually shows a support prompt if a shake event is detected across the app. This could be one reason why Facebook reads accelerometer data. The prompt has an option to switch this feature off. However, switching it off doesn’t stop the app from reading the accelerometer.
Instagram only reads the accelerometer in DM and keeps reading it as long as the user is in the DM view.
WhatsApp uses the accelerometer to add a motion effect to chat wallpapers. It is enabled by default, but you can switch this effect off in settings. The app stops reading the accelerometer when the effect is off. WhatsApp is mentioned here because it is a Facebook app.
The following apps didn’t show any sign of reading the accelerometer for no clear reason: Facebook Messenger, Signal, Slack, Telegram, TikTok, Threema, Twitter, and WeChat.
The next section will explain how you can find out the apps that read the accelerometer.
A Little Bit Technical
As mentioned earlier, it is a bit hard for users to tell if an app is reading the accelerometer, but not for developers. I used the same method that I used before in our clipboard research. Xcode provides an option to view the system logs of the iPhone.
To do that, you need to connect the iPhone to Xcode and open the iPhone console. The console displays a lot of log messages. To reduce the noise, type “accelerometer” in the search field. Now you only see processes, or apps, that read the accelerometer. The following screenshot shows the log messages displayed when Instagram reads the accelerometer.
This video illustrates the process in action:
How about Browsers?
Browsers can also access accelerometer data without a permission, just like other iOS apps. The question that you might be asking: do browsers relay accelerometer data to websites you visit?
In iOS 13, Apple introduced a permission in Safari. A dialogue prompt is presented to the user when a website requests accelerometer data. This change was triggered by a study that showed many popular websites included scripts that read accelerometer data. Since all iOS browsers are forced to use WebKit, the permission dialogue protects access to the accelerometer regardless of the browser you are using, whether Safari, Firefox or Google Chrome.
And here is a note to Android users: the same applies to Google Chrome on Android. Google Chrome on Android shares motion sensor data with every website you visit by default. The motion sensors actually refer to the accelerometer, gyroscope, and barometer sensors. The good news is you can change the default behavior. While there are many reasons to quit Google Chrome and switch to other browsers, this accelerometer issue shouldn’t be one of them.
So, if Google Chrome is your preferred browser on your Android phone and you are not comfortable with sharing the motion sensors with websites you visit, here is how you can disable it:
The following websites allow you to test how your browser handles accelerometer access:
For Android, open this link and check if the phone on the website follows your moves: https://intel.github.io/generic-sensor-demos/orientation-phone/
For iOS, open this link, tap on the button in the upper-left corner: https://accelerometerdemo.netlify.app
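The check such a test page performs can be sketched as follows. This is an added example, not code from the original post or from the linked demos; `probeMotionAccess`, `countSamples` and the `gate` labels are names assumed here, while `DeviceMotionEvent.requestPermission()` is the WebKit call behind the iOS 13 prompt.

```javascript
// Added example: classify how a browser gates accelerometer access.
// `env` is a window-like object (pass `window` in a real page); the labels
// returned in `gate` are names chosen for this example.
async function probeMotionAccess(env, listenMs = 1000) {
  const Motion = env.DeviceMotionEvent;
  if (typeof Motion === "undefined") {
    return { gate: "unsupported", state: null, samples: 0 };
  }
  // WebKit since iOS 13: requestPermission() must be called, from a user
  // gesture such as a tap, before any devicemotion event is delivered.
  if (typeof Motion.requestPermission === "function") {
    let state;
    try {
      state = await Motion.requestPermission(); // "granted" or "denied"
    } catch (err) {
      state = "error"; // e.g. not called from a user gesture
    }
    const samples = state === "granted" ? await countSamples(env, listenMs) : 0;
    return { gate: "permission-prompt", state, samples };
  }
  // No permission API: just listen and see whether readings arrive.
  const samples = await countSamples(env, listenMs);
  const gate = samples > 0 ? "open-by-default" : "blocked-or-no-sensor";
  return { gate, state: null, samples };
}

// Count devicemotion events that carry real readings during listenMs.
function countSamples(env, listenMs) {
  return new Promise((resolve) => {
    let n = 0;
    const onMotion = (e) => {
      const a = e.accelerationIncludingGravity;
      if (a && a.x != null) n += 1; // events with empty axes carry no data
    };
    env.addEventListener("devicemotion", onMotion);
    setTimeout(() => {
      env.removeEventListener("devicemotion", onMotion);
      resolve(n);
    }, listenMs);
  });
}

// In a page: button.onclick = () => probeMotionAccess(window).then(console.log);
```

A result of `open-by-default` means the page received readings without any prompt; `permission-prompt` with `state: "granted"` means the user approved the dialogue first.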
As of iOS 15, access to the accelerometer is open to all apps. Accelerometer data encompasses private information about you that any app can easily expose by applying the right algorithm. The rule of thumb in information security is that private information should be protected. Access to the accelerometer should be protected.
|Google Chrome||95.0.4638.74/Android 12|
- Jacob Leon Kröger, Philip Raschke, and Towhidur Rahman Bhuiyan. 2019. Privacy implications of accelerometer data: a review of possible inferences.
- S Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena, and Yingying Chen. 2020. Motion Sensor-based Privacy Attack on Smartphones.
- S Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena, and Yingying Chen. 2021. Spearphone: a lightweight speech privacy exploit via accelerometer-sensed reverberations from smartphone loudspeakers.