Connected car apps are a threat to data says Kaspersky

The advent of software in our cars has expanded with every passing day. Connected car features allow users to remotely lock/unlock, pre-heat or pre-cool the cabin and even remotely start or turn off the vehicle via a mobile app. While most car manufacturers offer their in-house connected car apps, users tend to download third-party connected car apps as they offer more features and personalisation. Though software security firm Kaspersky states these apps pose a severe data security threat.

Kaspersky carried out a comprehensive analysis of 69 such third-party apps that connect your phone with your vehicle. Upon scrutiny, Kaspersky found more than half (58%) of the applications don’t warn about the risks of using the owner’s account from the original automaker’s service. Moreover, every seventh (14%) application does not have information on how to contact the developer or give feedback, making it impossible to report a problem or request more information on the app’s privacy policy.

Change Image   |   Delete Image

One reason deduced by Kaspersky from such findings is that enthusiasts have developed these apps instead of legitimate software firms. While this isn’t a worrisome issue, the report questions the integrity of such enthusiastic developers upon whether they prioritise the safety of data like a car manufacturer-backed app would.

“The benefits of a connected world are countless. However, it is important to note that this is still a developing industry, which carries certain risks. When downloading a third-party application to control your car remotely, users should be aware of possible threats. We entrust a lot of private information and personal data to connected technology. Unfortunately, not all developers take a responsible approach when it comes to data storage and collection, which results in users exposing their personal information.

This data may further be sold on the dark web and end up in untrustful hands. Moreover, cybercriminals might not only steal your data and personal credentials but also gain access to your vehicle – and that might lead to physical threats.,’ comments Sergey Zorin, Head of Kaspersky Transportation Security at Kaspersky.

Change Image   |   Delete Image

Hence, Kaspersky experts recommend that users only download apps from official stores like the Apple App Store and Google Play. It further recommends you strictly monitor the permissions required while also possessing a reliable security solution on your smartphone.

However, Apple recently introduced its next-gen CarPlay connected car software that gains access to most of the features in the vehicle. This will allow one to customise speedometer gauges and displays, adjust air-conditioning, and even access the sunroof. Big players such as Mercedes-Benz, Audi, and Jaguar, among many others, have shown keen interest in collaborating on the same. Click here to read more on the next-gen Apple CarPlay.