The tech revolution in the automotive industry is providing car owners with all kinds of new-generation solutions, including apps that make it possible to remotely control smart vehicles.
The concept of connected cars has evolved a lot lately, and as a result, software developers across the globe have come up with mobile applications that often provide much more advanced functionality than what the car manufacturer has to offer in the first place.
In many ways, this is something that totally makes sense, as third-party app devs typically create new software, based entirely on user feedback and requests from the community.
And while these solutions are pretty intriguing, security vendor Kaspersky warns that handling them with extra care might actually be a very good idea.
Out of 69 apps, Kaspersky looked at as part of recent research, more than half don’t even warn about collecting personal credentials. And this is concerning, to say the least, as all of them require access to the account created by the car manufacturer, which means they have full access to the capabilities offered by the carmaker in the first place.
14 percent of the apps come with no contact information, so if you’re trying to reach out to the developer, this is pretty much impossible.
In case you’re wondering why this is such a big deal, it all comes down to the information that these apps access. Because they connect to the manufacturer’s account, these third-party solutions need to store credentials as securely as possible. Otherwise, hackers that compromise them could eventually be able to remotely control your vehicle as well, with Kaspersky warning they may be able to adjust the air conditioning, honk, flash the lights, and so on.
Not to mention that once a hacker breaks in, they have access to pretty much all the data the third-party solution can read, including… well… geolocation information.
In theory, the easiest way to make sure you’re secure is to always download apps from the official app store, and if you suspect something’s fishy after installing a third-party solution, change your passwords as soon as possible and revoke the access from the main account with the car manufacturer.
In many ways, this is something that totally makes sense, as third-party app devs typically create new software, based entirely on user feedback and requests from the community.
And while these solutions are pretty intriguing, security vendor Kaspersky warns that handling them with extra care might actually be a very good idea.
Out of 69 apps, Kaspersky looked at as part of recent research, more than half don’t even warn about collecting personal credentials. And this is concerning, to say the least, as all of them require access to the account created by the car manufacturer, which means they have full access to the capabilities offered by the carmaker in the first place.
14 percent of the apps come with no contact information, so if you’re trying to reach out to the developer, this is pretty much impossible.
In case you’re wondering why this is such a big deal, it all comes down to the information that these apps access. Because they connect to the manufacturer’s account, these third-party solutions need to store credentials as securely as possible. Otherwise, hackers that compromise them could eventually be able to remotely control your vehicle as well, with Kaspersky warning they may be able to adjust the air conditioning, honk, flash the lights, and so on.
Not to mention that once a hacker breaks in, they have access to pretty much all the data the third-party solution can read, including… well… geolocation information.
In theory, the easiest way to make sure you’re secure is to always download apps from the official app store, and if you suspect something’s fishy after installing a third-party solution, change your passwords as soon as possible and revoke the access from the main account with the car manufacturer.