The way users move fingers across a phone's touchscreen alters the WiFi signals transmitted by a mobile phone, causing interruptions that an attacker can intercept, analyze, and reverse engineer to accurately guess what the user has typed on his phone or in password input fields.
This type of attack, nicknamed WindTalker, is only possible when the attacker controls a rogue WiFi access point to collect WiFi signal disturbances.
Details about the real-world attack and WindTalker, in general, are available in a research paper titled "When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals."
WindTalker attack has a 68%+ accuracy. more