Selected all your options? Now click here >>
Quick contact

THATCHAM RESEARCH ANNOUNCES UPDATES TO MANDATORY CAR SECURITY STANDARDS

Thatcham Research has announced forthcoming updates to the New Vehicle Security Assessment (NVSA) programme, centred on securing cars against the growing threat presented by digital compromise.

The NVSA is the security standard against which all new cars are assessed as part of the insurance Group Rating and will be updated in 2019 giving carmakers the opportunity to bring in fresh measures to address the challenges presented by digital theft techniques. The new criteria will be designed to shut down the Keyless Entry vulnerability, while anticipating other potential methods of digital and cyber-compromise.

Richard Billyeald, Chief Technical Officer, Thatcham Research comments, “Car crime is on the increase, with intelligence suggesting that electronic compromise is a factor in as many as one in four vehicle thefts. In the 1990s, the NVSA effectively brought an end to a car crime epidemic by introducing alarms and double-locking door functions, amongst other measures. Initiated in 1992, a year which saw 620,000 car thefts, this approach was instrumental in driving theft levels down by 80% up to 2016. In the same way, collaborative and concerted action from Thatcham Research, carmakers, Police and insurers will close the digital vulnerabilities exploited by today’s criminal gangs.”

Industry action

Thatcham Research has identified vulnerabilities in on-board electronic systems and criteria covering these areas will be included in the new standards. In addition, Police authorities have drawn attention to the increase in ‘chop shops’ – illicit garages where cars are dismantled to be sold on the spare parts market – and therefore criteria related to parts identification will also be carefully reviewed.

Billyeald continues, “CCTV footage of criminal gangs exploiting a vulnerability in keyless entry systems has been highly visible in recent months. However, we estimate that only 1% of cars on the road have this technology. Carmakers are already introducing keys with motion sensors which deactivate when stored, and new secure signal transmission technologies. In the short term, while these counter-measures come into the market, concerned drivers should contact their dealer to discuss the digital functionality of their cars.

“The online availability of tools which criminals can plug into vehicles to programme a false key is also a concern. We support recent calls from the Police for closer regulation of the sale of these devices, which have no use outside of a licensed bodyshop or garage.”

What should drivers do?


Thatcham Research advice for drivers with concerns about car security:

  • Understand the digital functions of your car: do you have a keyless entry system? If so, can the fob be switched off overnight?
  • Speak to your dealer about software updates and whether new key fobs with added security are available
  • Store keys away from household entry points: a keyless fob should be stored as far into your home as is possible, hampering a criminal’s ability to detect and relay its signal
  • Make sure shielding devices work: Faraday pouches and containers will block the signal from a keyless entry fob – but test this yourself to make sure it is effective
  • Be vigilant: choose well-lit areas to park in, observe that your car has locked correctly and report any suspicious behaviour to the Police

Current digital theft techniques explained

The OBD Hack
The On-Board Diagnostic port gives licenced garages access to a car so that service fault lights can be reset, and a new key programmed if the owner requires one. Because of EU fair-trading legislation, the OBD port must be easily accessible and uniform – allowing non-franchised garages to access using On-Board Diagnostic tools. These tools can be expensive – up to £5,000 – but kits which allow a blank key to be reprogrammed can cost as little as £50.

The Relay Attack

The relay attack exploits a vulnerability in passive keyless entry systems, which allow drivers to open and start their cars without removing the key fob from their pocket. Usually operating in pairs, one criminal will hold a device up against the front wall or porch of a home, searching for a signal from the keyless fob. The device then relays the key’s signal to an accomplice, who is holding another device against the car door. The car is effectively fooled into believing that the owner is within a defined range (usually within two metres) and is approaching the car with his key. The door opens, and the signal is relayed to the accomplice a second time, allowing the car to start. Once started the engine will not restart without the key present.

Jamming

Jamming relies on driver inattentiveness. A criminal will hide a signal blocking device in a residential street or car park – preventing the locking signal from standard remote fobs from reaching the car. The car thief will then return to the location and test all the car doors within range of the device. Once opened the car can be stolen using an OBD device or the car’s contents taken.

Drivers can protect against this technique by simply observing for visual confirmation that their car has locked successfully (e.g. audible locking sound, flashing indicators or folding wing mirrors).

Special deal
Business contract hire Fiat 500, Hatchback
Fiat 500 Hatch
1.2 8V 69 Pop 3Dr Manual [Start Stop]
£113.35 + VAT monthly rental
£680.10 + VAT initial rental
Business contract hire
Contract term: 48 months
Rental profile: 6 + 47
Annual mileage: 10000
1.2 litre Petrol Manual
+ compare
Special deal
Business contract hire Skoda Octavia, Hatchback
Skoda Octavia Hatch
1.0 TSi 115 SE Technology 5Dr DSG [Start Stop]
£138.87 + VAT monthly rental
£833.22 + VAT initial rental
Business contract hire
Contract term: 24 months
Rental profile: 6 + 23
Annual mileage: 10000
1 litre Petrol Automatic
+ compare
Special deal
Business contract hire BMW 1 Series, Hatchback
BMW 1 Series M140 Hatch
3.0 i 340 Shadow Edition 5Dr Auto [Start Stop]
£284.63 + VAT monthly rental
£1707.78 + VAT initial rental
This vehicle is in stock
Business contract hire
Contract term: 24 months
Rental profile: 6 + 23
Annual mileage: 10000
3 litre Petrol Automatic
+ compare
Special deal
Business contract hire SEAT Arona, SUV / 4x4
SEAT Arona SUV
1.6 TDI 95 SE 5Dr Manual [Start Stop]
£158.00 + VAT monthly rental
£948.00 + VAT initial rental
Business contract hire
Contract term: 36 months
Rental profile: 6 + 35
Annual mileage: 10000
1.6 litre Diesel Manual
+ compare
Special deal
Business contract hire Mazda CX-5, SUV / 4x4
Mazda CX-5 SUV
2.0 SKYACTIV-G 165 SE-L Nav+ 5Dr Manual [Start Stop]
£199.00 + VAT monthly rental
£1194.00 + VAT initial rental
Business contract hire
Contract term: 48 months
Rental profile: 6 + 47
Annual mileage: 10000
2 litre Petrol Manual
+ compare
Business contract hire Toyota Prius, Hatchback
Toyota Prius PiH Hatch
1.8 VVT-h PiH 122 Business Edition Plus 5Dr CVT [Start Stop]
£278.99 + VAT monthly rental
£1673.94 + VAT initial rental
This vehicle has low CO2 emissions (Tax band B)
Business contract hire
Contract term: 36 months
Rental profile: 6 + 35
Annual mileage: 10000
1.8 litre Petrol/PlugIn Electric Hybrid Automatic
+ compare
Business contract hire Toyota Auris, Hatchback
Toyota Auris Hatch
1.2 VVTi 116 Icon Tech 5Dr Manual [Start Stop]
£240.84 + VAT monthly rental
£1445.04 + VAT initial rental
Business contract hire
Contract term: 36 months
Rental profile: 6 + 35
Annual mileage: 10000
1.2 litre Petrol Manual
+ compare
Business contract hire Toyota Prius, Hatchback
Toyota Prius Hatch
1.8 VVT-h 122 Excel 5Dr CVT [Start Stop]
£263.37 + VAT monthly rental
£1580.22 + VAT initial rental
Business contract hire
Contract term: 36 months
Rental profile: 6 + 35
Annual mileage: 10000
1.8 litre Petrol/Electric Hybrid Automatic
+ compare
Business contract hire Toyota C-HR, SUV / 4x4
Toyota C-HR
1.8 VVT-h 122 Excel 5Dr CVT [Start Stop]
£255.82 + VAT monthly rental
£1534.92 + VAT initial rental
Business contract hire
Contract term: 36 months
Rental profile: 6 + 35
Annual mileage: 10000
1.8 litre Petrol/Electric Hybrid Automatic
+ compare
Business contract hire Kia Niro, SUV / 4x4
Kia Niro SUV
1.6 h GDi 139 4 5Dr DCT [Start Stop]
£271.49 + VAT monthly rental
£271.49 + VAT initial rental
Business contract hire
Contract term: 48 months
Rental profile: 1 + 47
Annual mileage: 10000
1.6 litre Petrol/Electric Hybrid Automatic
+ compare

Share this article Post this page to facebookTweet this pageGoogle+ this pagePost this page to LinkedinPin page

Posted on 25th April 2018 at 9:41 PM

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on this website. However, if you would like to, you can change your cookie settings at any time. Close this message.