DETROIT — Hackers can already take control of a car. And as vehicles become rolling shopping malls, cybercriminals will have an opportunity to snatch your identity, too.
Eager for a cut of drivers’ purchases of fast food, gas and more, automakers have big plans to bring e-commerce to the dashboard. Ford already has an app that lets drivers dictate an order to Domino’s Pizza using voice controls and a smartphone. General Motors this year began offering AtYourService, which alerts drivers to deals at Dunkin’ Donuts or lets them book a hotel room on Priceline.com using voice commands.
By 2020, as many as 40 per cent of new vehicles sold worldwide will let drivers shop from behind the wheel, predicts Thilo Koslowski, vice-president of the auto practice at Gartner, a leading information technology research and advisory company.
But connected cars will present a rich target, akin to retailers or banks, where hackers can troll for credit card numbers, home addresses, email information and all the other personal details required for identity theft.
“Today the motivation for hacking a car is mischief, with an objective of hurting people or car companies,” Koslowski said.
Once drivers can shop with impunity as they roll down the highway, “the car will definitely be viewed as a vulnerable device.”
Most cars sold today lack the technology for drivers to pay for items they purchase (unless they use a smartphone). But by 2022, some 82.5 million autos worldwide will be connected to the Internet, more than triple the number now, according to researcher IHS Automotive.
In the next two to five years, “buy buttons” connected to smartphone mobile wallets will start appearing on dashboards, according to Richard Crone, who runs payment adviser Crone Consulting LLC. That means motorists will soon be able to buy a pizza, fill up the tank or preorder a half caf skinny macchiato from Starbucks without pulling out their phone or credit card.
Banks and credit card companies are looking to pile in. Visa has developed an app for the dashboard or smartphone that enables the car to buy gasoline, parking and fast food. Commercial deployments will be announced in the next few months. FIS, a payment technology company, is developing a banking app for cars that will let drivers pay bills or check balances.
Commuters want to be connected, and shopping from the steering wheel is the next logical step, said Phil Abram, chief infotainment officer of GM’s OnStar system.
“Over three million times a year, somebody pushes the blue button in a car and asks for directions to a hotel or to ask ‘Where is a coffee shop or gas station?”‘ Abram said in an interview. “The roots of this are in what customers want.”
But automakers this summer have proven easy targets for hackers. Two security experts hacked into a Jeep Cherokee’s infotainment system in July to take control of the engine and transmission as an 18-wheeler was bearing down on it. OnStar also was hacked when a security researcher used a small device hidden on a 2013 Chevrolet Volt to take control of GM’s RemoteLink app, which allowed him to unlock the car and start its engine.
“This has been a bit of a blind spot for automakers,” Mark Boyadjis, a technology analyst for IHS, said of cars’ vulnerability to hacking.
The Jeep hack forced parent company Fiat Chrysler to recall 1.4 million vehicles and ask wireless partner Sprint Corp. to issue a temporary fix over its network. GM worked with the “white hat” hacker to come up with a software patch for RemoteLink within 24 hours, Abram said.
Early services like Ford’s Domino’s app don’t put a driver’s credit card information at risk because that data is stored in the smartphone, the automaker said. Visa’s in-car payments will use a randomly generated digital “token” rather than the credit card number.
Hackers bent on identity theft are expected to infiltrate cars through the entertainment portal, as the Jeep hackers did, or market malicious apps that appear harmless or even helpful, but actually steal personal information.
View the original content and more from this author here: http://ift.tt/1UhzLhV
from hacker samurai http://ift.tt/1LGkV5k
via IFTTT
No comments:
Post a Comment