Keyless car thefts in Britain are reported to have increased insurance payouts to over £1 million a day, according to the Association of British Insurers (ABI). The “worrying” increase in vehicle theft saw insurers pay out over £376 million to cover stolen cars last year, an increase of 29% on the year before. This could have a significant effect on the cost of insurance for consumers.
Tactics currently used by thieves to steal cars include relay attacks. These are targeted at vehicles that allow owners to unlock the doors simply approaching with the key fob in their pocket. Typically, in a driveway-based attack, two thieves will work together, each using a relay attack device. By holding one device next to the vehicle and the other close to the owner’s home, the vehicle is fooled into thinking the key is less than 2 metres away.
To counter this, vehicle manufacturers have started to roll-out countermeasures designed to stop these attacks. The first generation of fixes, relying on MEMS (motion sensors) and ultra-wide band technologies, have now been released, though recent testing by SBD Automotive has shown varying levels of effectiveness at stopping attacks.
With the next generation of smartphone key technologies, Bluetooth Low Energy (BLE) and Near-Field Communication (NFC), now being added to consumer vehicles, there is a risk that this increase in insurance payouts may continue. In testing the most recent iterations of these technologies, anti-theft security specialists at SBD Automotive found fundamental security weaknesses in one of these technologies.
Are the latest systems secure?
"Alongside unreliable registration processes and a lack of key sharing features, we have found that vehicles equipped with smartphone key systems are susceptible to attacks using equipment available for less than €40” says Sam Nelstrop, Senior Anti-theft Specialist at SBD Automotive. "Unfortunately, we are seeing some added convenience but with increased security risks in the BLE system, and a more secure but less convenient system in NFC. There are currently no vehicles with smartphone keys that manage to take the benefits of both.”
"It's certainly something we’ve seen before” says David Bell, CEO of SBD Automotive. “Fixed code key fobs in the early 90s were notoriously easy to attack, but by understanding the weaknesses, we were able to help manufacturers adapt their systems into the significantly more secure rolling code and finally the crypto code systems we see today. The same will be true for smartphone keys. By front-loading the development, including threat-modelling and risk assessment in the design process, and by including independent experts early, OEMs will be able to offer key systems to customers that offer both security and convenience."