Summary
Ledger wallets Nano X and Nano S Plus have received a security update with regard to the Pin Code entry interface on the OLED screen.
What is the security issue?
An attacker could potentially obtain the devices’ power usage information by finding a way to spy on the device’s power consumption whilst entering the Pin Code, for example by using a powerbank.
What is the security update?
With the aim of thwarting a technologically advanced attacker who may have the capacity to decipher a user’s Pin Code by measuring the amount of power used by the screen when entering the Pin Code, Ledger has changed the Pin Code entry interface to ensure that any power usage information withdrawn whilst entering the Pin Code is useless to a attacker. They have done this by making the number of illuminated pixels on each screen a constant.
Now instead of entering the digits on screen, the user simply moves an underline from digit to digit selecting the Pin Code from a numeral row of 0 to 9.
Personal responsibility
To avoid attackers gaining access to the Pin Code it is essential that users take precautionary security measures and ensure that there is no one watching when entering the Pin Code.
Ledger wallet software update
This update will be available with the next Ledger software update. Update on Ledger Live.
Shop Ledger Nano X and Ledger Nano S Plus hardware wallets