Connected cars offer their users a lot of benefits, mainly related to additional information and remote control of vehicle functions. However, as usual, new opportunities bring new threats. Some of them are associated with the numerous services and applications for connected car owners that are developed not by car manufacturers but by third-party companies. Recently, our colleagues studied popular applications and services of this kind and described their main information security shortcomings. The results of this study are published on our Securelist blog. The report describes the shortcomings of these applications from an end user's point of view. However, the lessons that can be learned from this work should also interest software developers.
Common connected car application flaws
A fair number of applications serve as a kind of intermediate link between the owner and the car manufacturer’s service. They usually require a password and login (or an authorization token) for these services. In other words, the car owners give the software developer digital keys to their cars, and not every user is aware of this fact. We’ve outlined the common flaws in these applications.
Lack of transparency
In the relationship between developers and end users, trust is the most important thing. Therefore, it is extremely important to clearly and explicitly inform the user that:
- your application uses a client account in the original service;
- you do not store these credentials (or store them encrypted);
- the authorization token also allows access to a number of vehicle functions;
- by using the application, the user accepts the possibility of additional risk.
Lack of communication channel with developers
It is common practice for software developers to leave a channel open for user feedback. Of course, no one can expect 24/7 technical support from the authors of free applications, but for applications that can interfere with the operation of a connected car, there should be at least some means of communication in case of unforeseen circumstances related to the safety or security of the vehicle or driver.
Incorrect termination of cooperation
When a customer removes your app, you have no way of knowing the reason behind the action. Maybe they no longer need your services, or maybe they just want to change devices. If the reason is the former, it would be helpful to remind the user that they should cancel the subscription and/or delete the account. It would also be nice to advise them to change the password in the automaker’s service or revoke the authorization token. On the one hand, this will show your concern for the user’s security and privacy, and on the other hand, it will relieve you of any unnecessary responsibility.
Additional app security tips
No one wants their application to allow some cybercriminal to attack the end user’s car. Therefore, our experts urge developers of smart car applications to take precautionary measures so as not to compromise their customers or themselves. Here are a few practical tips:
- Adopt solutions that secure the software development process through application control at runtime, scanning for vulnerabilities before deployment, routine security vetting of containers, and anti-malware testing of the production artifacts.
- Implement security mechanisms in the application itself.
- Conduct a security audit of turnkey solutions before going to market.