Do you think your passwords and account information is safe on your phone? Security researchers said that they have found a way to steal passwords from an Android phone, using simple photography and lighting techniques making it know the risk of touch screen phones. "Touch screens are touched, so oily residues, or smudges, remain on the screen as a side effect," according to the team of scientists at the University of Pennsylvania. These smudges reveal passwords in a form of "information leakage." Google's Android system uses a nine-point security grid, which the owner of the phone can swipe a password without having to lift a finger; but leaving an oily smudge that can easily be traced. A simple setup involving a camera, lighting, and photo-editing software allowed researchers to guess the pass code correctly 68% of the time. "We believe smudge attacks based on reflective properties of oily residues are but one possible attack vector on touch screens," the report added. "In future work, we intend to investigate other devices that may be susceptible, and varied smudge attack styles, such as heat trails caused by the heat transfer of a finger touching a screen." This obvious flaw is the latest sign for a need in heightened security on Android touch screen phones. Scientist have said that the fingerprints and smudges are difficult to remove; even if you try to wipe it away.