By Tommy Mysk
UPDATE (September 2, 2022): Added new remarks about Android 13 and comparison between Brave, Chrome, DuckDuckGo, Edge, and Firefox (Android)
UPDATE (September 1, 2022): Facebook fixed the iOS app. Now it stops monitoring the accelerometer. For the feature of “shake the phone to report a problem,” it is subscribing to an iOS shake event.
UPDATE (November 10, 2021): Added new section about access to the accelerometer in browsers (iOS/Android)
If you enjoyed this work, you can support it by checking out our apps:
tl;dr
Nearly every modern smartphone is equipped with an accelerometer, which, as the name implies, is a sensor that measures acceleration. It’s most commonly used for detecting the device’s orientation. It also has many other uses, whether as a game controller in racing games, as a pedometer for counting daily steps, or to detect falls as seen in the Apple Watch. There also have been some research to develop novel accelerometer applications: estimating heart rate, breathing rate, or even as a rudimentary audio recorder using just the accelerometer. Currently, iOS allows any installed app to access accelerometer data without explicit permission from the user. Curious apps might be able to learn a lot about users through the accelerometer and without their knowledge or permission.
Videos
The Accelerometer in iOS
The iPhone is equipped with accurate accelerometer and gyroscope hardware. It can measure the altitude, rotation rate, and acceleration of your iPhone with high accuracy.
Steve Jobs demonstrated the capabilities of these two sensors during the introduction of iPhone 4.
The accelerometer and gyroscope are bundled together in iOS and are part of the Core Motion Framework. For the sake of brevity, I will just say accelerometer to refer to both sensors.
The accelerometer has tons of applications and many apps rely on it. Most users won’t realize it when their favorite apps use the accelerometer. This is simply because apps don’t need a permission to read accelerometer data. Unlike access to location services and Bluetooth, access to the accelerometer is granted to all apps on the iPhone. So apps can read measurements from the accelerometer without any restriction– except for one. Apps can only read the accelerometer when they are active in the foreground. iOS prevents apps running in the background from reading the measurements.
Apps that access resources protected by a system permission have to specify why they need such an access. Developers have to formulate the reason in a simple description that conveys the message to the users. iOS shows the description on the permission dialogue when the app requests a permission from the user. Apps that don’t provide such information for each permission they need will not be approved by Apple’s App Review team. Since access to the accelerometer is not protected by a system permission, developers are not required to inform users about why they need the access.
At first glance, accelerometer data seems to be innocuous. It’s only about moving and rotating the phone, right? Can that breach your privacy? The answer lies in the next section.
Possible Scenarios
Accelerometer measurements are collected all the time while you are holding your phone. iOS makes the measurements accessible to the app that is active in the foreground. The app may choose to ignore the measurements or read them. There’re no boundaries for what an app can do with the measurements, but here are some spooky scenarios:
Motion and Activities
Accelerometer data reflects how you hold your phone and how you move. An app can tell if you are using it while lying, sitting, walking, or cycling. The app can also count your steps. Although access to the pedometer on the iPhone is protected by a system permission, there are many sophisticated algorithms that process accelerometer data to achieve exactly that.
It is worth mentioning that the iPhone is also equipped with a barometer, a sensor that measures air pressure and altitude. The barometer is also part of the Core Motion Framework and no permission is required to access it. As a result, any app can figure out your altitude and measure air pressure in your environment. Thus, any app can tell if you are riding on a bus, train, or plane while using it.
Heart Rate
The accelerometer can detect the slight movements of your hand and body while holding the phone. Researchers can use this data to estimate your heart rate. Thus, an app can potentially know your heart rate while you are using it.
Breathing Rate
Similarly to heart rate, researchers can use accelerometer data to estimate your breathing rate, and even diagnose certain diseases.
Precise Location
Accelerometer data doesn’t contain any location information. However, it can be used to infer your exact location based on the vibration pattern in your environment.
To illustrate this concept, consider the following example:
You are commuting to work by bus. While sitting on the bus, you open your favorite social app. Even though it is your favorite app, you don’t trust it enough to share your location with it. At the next stop, a passenger gets on the bus. The passenger sits on the bus and opens the same social app. But the passenger shares their precise location with the app. Now, if this social app is reading accelerometer data on your phone as well as the passenger’s phone, the app can easily figure out that both phones experience the same vibration pattern. Indeed, both phones are going to record the same vibrations, e.g. when the bus takes off, stops, and swerves left or right. The app now knows that you and the passenger are together in the same environment, hence same location. Don’t be surprised if you receive a recommendation from the app to add this passenger as a friend.
Audio Recorder
Sound waves generated by your phone speakers cause the phone to vibrate. As every sound makes unique vibrations, researchers were able to analyze the vibrations and work their way backwards to reconstruct the original sound.
So, if you are on a call and using the phone speaker, an app can pick up the vibrations generated by the speaker and recorded by the accelerometer. This way the app can record the call without having access to the microphone, albeit only the voice of your counterpart will be recorded.
Any Examples?
I tested several apps and checked if they read accelerometer data without a clear reason. Here are some examples:
Facebook reads the accelerometer all the time. Facebook actually shows a support prompt if a shake event is detected across the app. This could be one reason why Facebook reads accelerometer data. The prompt has an option to switch this feature off. However, switching it off doesn’t stop the app from reading the accelerometer.
The Facebook app for iOS has stopped monitoring the accelerometer, according to testing Version 382.1. The fix might have been applied in an earlier version. The app now requests shake events from iOS to present the support sheet when the user shakes the iPhone. This is the proper way to implement this feature.
Instagram only reads the accelerometer in DM and keeps reading it as long as the user in the DM view.
WhatsApp uses the accelerometer to add a motion effect to chat wallpapers. It is enabled by default, but you can switch this effect off in settings. The app stops reading the accelerometer when the effect is off. WhatsApp is mentioned here because it is a Facebook app.
Other Apps
The following apps didn’t show any sign of reading the accelerometer for no clear reason: Facebook Messenger, Signal, Slack, Telegram, TikTok, Threema, Twitter, and WeChat.
The next section will explain how you can find out the apps that read the accelerometer.
A Little bit Technical
As mentioned earlier, it is a bit hard for users to tell if an app is reading the accelerometer, but not for developers. I used the same method that I used before in our clipboard research. Xcode provides an option to view the system logs of the iPhone.
To do that, you need to connect the iPhone to Xcode and open the iPhone console. The console displays a lot of log messages. To reduce the noise, type “accelerometer” in the search field. Now you only see processes, or apps, that read the accelerometer. The following screenshot shows the log messages displayed when Instagram reads the accelerometer.
This video illustrates the process in action:
How about Browsers?
Browsers can also access accelerometer data without a permission, just like other iOS apps. The question that you might be asking: do browsers relay accelerometer data to websites you visit?
In iOS 13, Apple introduced a permission in Safari. A dialogue prompt is presented to the user when a website requests accelerometer data. This change was triggered by a study that showed many popular websites included scripts that read accelerometer data. Since all iOS browsers are forced to use WebKit, the permission dialogue protects access to the accelerometer regardless of the browser you are using, whether Safari, Firefox or Google Chrome.
And here is a note to Android users: the same applies to Google Chrome on Android. Google Chrome on Android shares the motion sensors data with every website you visit by default. The motion sensors actually refer to the accelerometer, gyroscope, and barometer sensors. The good news is you can change the default behavior. While there are many reasons to quit Google Chrome and switch to other browsers, this accelerometer issue shouldn’t be one of them.
So, if Google Chrome is your preferred browser on your Android phone and you are not comfortable with sharing the motion sensors with websites you visit, here is how you can disable it:
With the release of Android 13, I revisited popular browsers and tested if they allow websites to access the motion sensors/accelerometer by default. It turns out that Brave is the winner here. It is the only browser on Android that blocks access to the motion sensors by default.
Google Chrome and Microsoft Edge allow access by default with the possibility to change the behavior in the settings. Surprisingly, DuckDuckGo and Firefox allow access to the motion sensors by default and both browsers don’t provide an option to disable that. This is particularly shocking because both browsers, especially DuckDuckGo, promise a huge load of privacy features.
I contacted DuckDuckGo to inquire about their decision to share the motion sensors data with all visited websites despite the potential privacy issues discussed here. I will update the blog to include their response as soon as I hear from them.
This video illustrates how you can block access to the motion sensors on Chrome and Edge, it also shows that DuckDuckGo and Firefox don’t offer an option to block the access:
The following websites allow you to test how your browser handles accelerometer access:
For Android, open this link and check if the phone on the website follows your moves: https://intel.github.io/generic-sensor-demos/orientation-phone/
For iOS, open this link, tap on the button in the upper-left corner: https://accelerometerdemo.netlify.app
You can also use these nice websites:
https://krausefx.github.io/user.activity/
https://sensor-js.xyz/demo.html
Final Thoughts
As of iOS 15, access to the accelerometer is open to all apps. Accelerometer data encompasses private information about you that any app can easily expose by applying the right algorithm. The rule of thumb in information security is that private information should be protected. Access to the accelerometer should be protected.
App Versions
App | Version |
---|---|
340.0 | |
Facebook Messenger | 335.0.0.41.71 |
Google Chrome | 95.0.4638.74/Android 12 |
v210.0.0.16.67 | |
Signal | 5.22.1.3 |
Slack | 21.10.20 |
Telegram | 8.1.2 |
Threema | 4.6.12 |
TikTok | v21.5.0 |
8.87 | |
8.0.15 | |
2.21.200.15 |
Further Reading
- Jacob Leon Kröger, Philip Raschke, and Towhidur Rahman Bhuiyan. 2019. Privacy implications of accelerometer data: a review of possible inferences
- S Abhishek Anand and Chen Wang and Jian Liu and Nitesh Saxena and Yingying Chen.2020. Motion Sensor-based Privacy Attack on Smartphones
- S Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena, and Yingying Chen.2021. Spearphone: a lightweight speech privacy exploit via accelerometer-sensed reverberations from smartphone loudspeakers.
Really insightful, thanks for raising awareness! For those interested in further details, we have summarized the privacy impacts of accelerometer data in recent study: https://dl.acm.org/doi/pdf/10.1145/3309074.3309076
TL;DR – I have summarized the study in a Twitter thread:
https://twitter.com/JL_Kroger/status/1420681035617116163)
Super insightful. I think this kind of post is really helping users and developers better understand when OS changes should be made. I hope to see future versions of IOS ask permission for accelerometer data, and that will likely only happen when people take time to make detailed posts like this, so “Thank you” for raising awareness.
Great article, and amazing research.
Good job!
Good job
Thank you very much