Fine with "1234"? An Analysis of SMS One-Time Password Randomness in Android Apps

TL;DR

This paper presents , a tool that analyzes Android apps to detect insecure implementations of SMS OTP generators, revealing widespread vulnerabilities that compromise authentication security.

Contribution

It introduces , an automated analysis method for assessing OTP PRNG security in Android apps without source code access, and demonstrates its effectiveness on thousands of apps.

Findings

399 apps have predictable OTPs due to weak PRNGs

194 apps rely solely on OTP, lacking additional security measures

The study highlights widespread OTP security vulnerabilities in Android apps

Abstract

A fundamental premise of SMS One-Time Password (OTP) is that the used pseudo-random numbers (PRNs) are uniquely unpredictable for each login session. Hence, the process of generating PRNs is the most critical step in the OTP authentication. An improper implementation of the pseudo-random number generator (PRNG) will result in predictable or even static OTP values, making them vulnerable to potential attacks. In this paper, we present a vulnerability study against PRNGs implemented for Android apps. A key challenge is that PRNGs are typically implemented on the server-side, and thus the source code is not accessible. To resolve this issue, we build an analysis tool, \sysname, to assess implementations of the PRNGs in an automated manner without the source code requirement. Through reverse engineering, \sysname identifies the apps using SMS OTP and triggers each app's login functionality to retrieve OTP values. It further assesses the randomness of the OTP values to identify vulnerable PRNGs. By analyzing 6,431 commercially used Android apps downloaded from \tool{Google Play} and \tool{Tencent Myapp}, \sysname identified 399 vulnerable apps that generate predictable OTP values. Even worse, 194 vulnerable apps use the OTP authentication alone without any additional security mechanisms, leading to insecure authentication against guessing attacks and replay attacks.